Guide logo
〈   Legislation and Compliance
The Swiss Data Protection Act (FADP and nFADP)
The Swiss Data Protection Act (FADP)The guiding principles of the FADPWho is affected by this law?The nFADP: What's new in the revisionWhat are the risks?What to do?Further information
PreviousNext
Chapter 1.6

What to do?

Legal
  • Designate one or more internal controllers to ensure compliance with the legislation.
  • Identify the personal data processed to assess risk and determine the level of compliance requirements to apply.
  • Ensure data security according to the data protection principles of “privacy by design” and “privacy by default”.
  • Comply with the duty to provide information (privacy policy, contracts, etc.).
  • Establish an inventory of processing operations.
  • Check and adapt contracts with subcontractors.
  • Check and adapt cross-border data flows.
  • Set up a procedure in case of a security breach (notification of the Federal Data Protection and Information Commissioner and the data subjects).
  • Establish a procedure in case of access requests.
  • Establish retention policies to set and verify the useful retention period.
  • Destroy data that is no longer needed.
  • Roll out continuous training of your employees.

Guide

About

Trust Valley

National Cyber Security Centre

Sitemap

Legal notice

Report an error

2023 © Trust Valley. All rights reserved.

Terms & Conditions

Privacy policy