〈   Legislation and Compliance
The Swiss Data Protection Act (FADP and nFADP)

Chapter 1.6

What to do?

  • Designate one or more internal controllers to ensure compliance with the legislation.
  • Identify the personal data processed to assess risk and determine the level of compliance requirements to apply.
  • Ensure data security according to the data protection principles of “privacy by design” and “privacy by default”.
  • Comply with the duty to provide information (privacy policy, contracts, etc.).
  • Establish an inventory of processing operations.
  • Check and adapt contracts with subcontractors.
  • Check and adapt cross-border data flows.
  • Set up a procedure in case of a security breach (notification of the Federal Data Protection and Information Commissioner and the data subjects).
  • Establish a procedure in case of access requests.
  • Establish retention policies to set and verify the useful retention period.
  • Destroy data that is no longer needed.
  • Roll out continuous training of your employees.

2023 © Trust Valley. All rights reserved.