datenrecht.ch

aDSG (old ver­si­on of the DSG)

The ver­si­on of the DPA valid until the end of August 2023. The texts have been auto­ma­ti­cal­ly con­ver­ted – thank you for poin­ting out any errors.

The then Regu­la­ti­on (VDSG) can be found here, the revi­sed, cur­rent ver­si­on of the DSG here.

fold out | fold

Sec­tion 1: Pur­po­se, Scope and Terms

Art. 1 Purpose

This law aims to pro­tect the per­so­na­li­ty and fun­da­men­tal rights of per­sons about whom data are processed.


Art. 2 Scope

1 This Act applies to the pro­ce­s­sing of data of natu­ral and legal per­sons by:

a pri­va­te persons;
b Fede­ral bodies.
2 It is not appli­ca­ble to:
a Per­so­nal data that a natu­ral per­son pro­ce­s­ses exclu­si­ve­ly for per­so­nal use and does not dis­c­lo­se to outsiders;
b deli­be­ra­ti­ons in the Fede­ral Coun­cils and in the par­lia­men­ta­ry commissions;
c pen­ding civil pro­ce­e­dings, cri­mi­nal pro­ce­e­dings, inter­na­tio­nal legal assi­stance pro­ce­e­dings, and pro­ce­e­dings under sta­te and admi­ni­stra­ti­ve law, with the excep­ti­on of first-instance admi­ni­stra­ti­ve proceedings;
d public regi­sters of pri­va­te legal transactions;
e Per­so­nal data pro­ce­s­sed by the Inter­na­tio­nal Com­mit­tee of the Red Cross.


Art. 3 Terms

The fol­lo­wing expres­si­ons mean:

a. Per­so­nal data: all data rela­ting to an iden­ti­fi­ed or iden­ti­fia­ble person;
b. Data sub­jects: natu­ral or legal per­sons about whom data are processed;

c. Per­so­nal data requi­ring spe­cial pro­tec­tion: Data about:

1. reli­gious, ideo­lo­gi­cal, poli­ti­cal, or trade uni­on views or activities,

2. health, pri­va­cy, or race,

3. Social assi­stance measures,
4. admi­ni­stra­ti­ve or cri­mi­nal pro­se­cu­ti­ons and sanctions;
d. Per­so­na­li­ty pro­fi­le: a set of data that allo­ws an assess­ment of essen­ti­al aspects of a natu­ral person’s personality;
e. Pro­ce­s­sing: any hand­ling of per­so­nal data, regard­less of the means and pro­ce­du­res used, in par­ti­cu­lar obtai­ning, sto­ring, using, repro­ce­s­sing, dis­clo­sing, archi­ving or destroy­ing data;
f. Dis­clo­sure: the making available of per­so­nal data such as the gran­ting of access, pas­sing on or publication;
g. Data coll­ec­tion: any set of per­so­nal data that is struc­tu­red in such a way that the data is acce­s­si­ble by data subject;
h. Fede­ral bodies: fede­ral aut­ho­ri­ties and agen­ci­es as well as per­sons, inso­far as they are ent­ru­sted with public tasks of the fede­ral government;
i. Data coll­ec­tion owners: pri­va­te per­sons or fede­ral bodies that deci­de on the pur­po­se and con­tent of the data collection;

j. Law in the for­mal sense:

1. fede­ral laws,
2. decis­i­ons of inter­na­tio­nal orga­nizati­ons that are bin­ding on Switz­er­land and inter­na­tio­nal trea­ties with legis­la­ti­ve con­tent that have been appro­ved by the Fede­ral Assembly;
k.

Sec­tion 2: Gene­ral data pro­tec­tion provisions

Art. 4 Principles

1 Per­so­nal data may only be pro­ce­s­sed lawfully.
2 Their pro­ce­s­sing must be car­ri­ed out in good faith and must be proportionate.
3 Per­so­nal data may only be pro­ce­s­sed for the pur­po­se that was sta­ted when it was obtai­ned, is evi­dent from the cir­cum­stances or is pro­vi­ded for by law.
4 The acqui­si­ti­on of per­so­nal data and in par­ti­cu­lar the pur­po­se of its pro­ce­s­sing must be reco­gnizable to the data subject.
5 If the con­sent of the data sub­ject is requi­red for the pro­ce­s­sing of per­so­nal data, this con­sent shall only be valid if it is given vol­un­t­a­ri­ly after appro­pria­te infor­ma­ti­on. In the case of the pro­ce­s­sing of per­so­nal data or per­so­na­li­ty pro­files requi­ring spe­cial pro­tec­tion, con­sent must also be given expressly.


Art. 5 Accu­ra­cy of the data

1 Anyo­ne who pro­ce­s­ses per­so­nal data must ensu­re that it is accu­ra­te. He must take all rea­sonable mea­su­res to ensu­re that data which is inac­cu­ra­te or incom­ple­te with regard to the pur­po­se for which it was obtai­ned or pro­ce­s­sed is cor­rec­ted or destroyed.
2 Any data sub­ject may request that inac­cu­ra­te data be corrected.


Art. 6 Cross-bor­der disclosure

1 Per­so­nal data may not be dis­c­lo­sed abroad if this would serious­ly jeo­par­di­ze the per­so­na­li­ty of the per­sons con­cer­ned, in par­ti­cu­lar becau­se the­re is no legis­la­ti­on that ensu­res ade­qua­te protection.

2 In the absence of legis­la­ti­on that ensu­res ade­qua­te pro­tec­tion, per­so­nal data may be dis­c­lo­sed abroad only if:

a suf­fi­ci­ent gua­ran­tees, in par­ti­cu­lar by con­tract, ensu­re ade­qua­te pro­tec­tion abroad;
b the data sub­ject has con­sen­ted in the indi­vi­du­al case;
c the pro­ce­s­sing is direct­ly rela­ted to the con­clu­si­on or exe­cu­ti­on of a con­tract and invol­ves per­so­nal data of the con­trac­tu­al partner;
d the dis­clo­sure is indis­pensable in the indi­vi­du­al case eit­her for the pro­tec­tion of an over­ri­ding public inte­rest or for the estab­lish­ment, exer­cise or enforce­ment of legal claims in court;
e the dis­clo­sure is neces­sa­ry in the indi­vi­du­al case to pro­tect the life or phy­si­cal inte­gri­ty of the data subject;
f the data sub­ject has made the data gene­ral­ly acce­s­si­ble and has not express­ly pro­hi­bi­ted processing;
g the dis­clo­sure takes place within the same legal enti­ty or com­pa­ny or bet­ween legal enti­ties or com­pa­nies under com­mon manage­ment, pro­vi­ded that the par­ties invol­ved are sub­ject to data pro­tec­tion rules that ensu­re ade­qua­te protection.
3 The Fede­ral Data Pro­tec­tion and Infor­ma­ti­on Com­mis­sio­ner (Com­mis­sio­ner, Artic­le 26) must be infor­med of the gua­ran­tees under para­graph 2 let­ter a and the data pro­tec­tion rules under para­graph 2 let­ter g. The Fede­ral Coun­cil shall regu­la­te the details of this duty to inform.


Art. 7 Data security

1 Per­so­nal data must be pro­tec­ted against unaut­ho­ri­zed pro­ce­s­sing by appro­pria­te tech­ni­cal and orga­nizatio­nal measures.
2 The Fede­ral Coun­cil shall issue more detail­ed pro­vi­si­ons on the mini­mum requi­re­ments for data security.


Art. 7a

[lifted]


Art. 8 Right to information

1 Any per­son may request infor­ma­ti­on from the con­trol­ler of a data file as to whe­ther data rela­ting to them is being processed.

2 The data con­trol­ler must inform the data subject:

a all data available about them in the data coll­ec­tion, inclu­ding available infor­ma­ti­on about the ori­gin of the data;
b the pur­po­se and, whe­re appli­ca­ble, the legal basis of the pro­ce­s­sing, as well as the cate­go­ries of per­so­nal data pro­ce­s­sed, the par­ties invol­ved in the coll­ec­tion and the data recipients.
3 Data rela­ting to health may be com­mu­ni­ca­ted by the con­trol­ler of the data file to the data sub­ject by a phy­si­ci­an desi­gna­ted by the data subject.
4 If the con­trol­ler of the data file has per­so­nal data pro­ce­s­sed by a third par­ty, the con­trol­ler remains obli­ged to pro­vi­de infor­ma­ti­on. The third par­ty is obli­ged to pro­vi­de infor­ma­ti­on if it does not dis­c­lo­se the data con­trol­ler or the data con­trol­ler is not domic­i­led in Switzerland.
5 As a rule, the infor­ma­ti­on must be pro­vi­ded in wri­ting, in the form of a prin­tout or pho­to­co­py and free of char­ge. The Fede­ral Coun­cil shall regu­la­te the exceptions.
6 No one may wai­ve the right to infor­ma­ti­on in advance.


Art. 9 Limi­ta­ti­on of the right to information

1 The con­trol­ler of the data file may refu­se, rest­rict or post­po­ne the pro­vi­si­on of infor­ma­ti­on to the ext­ent that:

a a law in the for­mal sen­se pro­vi­des for this;
b it is neces­sa­ry due to over­ri­ding inte­rests of third parties.

2 A fede­ral body may also refu­se, rest­rict or post­po­ne the pro­vi­si­on of infor­ma­ti­on to the ext­ent that:

a it is neces­sa­ry due to over­ri­ding public inte­rests, in par­ti­cu­lar the inter­nal or exter­nal secu­ri­ty of the Confederation;
b the infor­ma­ti­on calls into que­sti­on the pur­po­se of a cri­mi­nal inve­sti­ga­ti­on or other inve­sti­ga­ti­ve proceedings.
3 As soon as the rea­son for refu­sing, rest­ric­ting or defer­ring infor­ma­ti­on cea­ses to app­ly, the fede­ral body must pro­vi­de the infor­ma­ti­on unless this is impos­si­ble or pos­si­ble only at dis­pro­por­tio­na­te expense.
4 The pri­va­te owner of a data file may also refu­se, rest­rict or post­po­ne the pro­vi­si­on of infor­ma­ti­on inso­far as his own over­ri­ding inte­rests so requi­re and he does not dis­c­lo­se the per­so­nal data to third parties.
5 The con­trol­ler of the data file must sta­te the rea­son for which he refu­ses, rest­ricts or post­po­nes the information.


Art. 10 Rest­ric­tions on the right to infor­ma­ti­on for media professionals

1 The owner of a data file that is used exclu­si­ve­ly for publi­ca­ti­on in the edi­to­ri­al sec­tion of a peri­odi­cal medi­um may refu­se, rest­rict or post­po­ne the pro­vi­si­on of infor­ma­ti­on inso­far as:

a the per­so­nal data pro­vi­de infor­ma­ti­on about the sources of information;
b insight into drafts for publi­ca­ti­ons would have to be given;
c the public’s free­dom of opi­ni­on would be jeopardized.
2 Media pro­fes­sio­nals may also refu­se, rest­rict or post­po­ne the pro­vi­si­on of infor­ma­ti­on if a data coll­ec­tion ser­ves them exclu­si­ve­ly as a per­so­nal work tool.


Art. 10a Data pro­ce­s­sing by third parties 

1 The pro­ce­s­sing of per­so­nal data may be trans­fer­red to third par­ties by agree­ment or by law if:

a the data are pro­ce­s­sed only as the cli­ent hims­elf would be allo­wed to do; and
b no legal or con­trac­tu­al con­fi­den­tia­li­ty obli­ga­ti­on pro­hi­bits it.
2 In par­ti­cu­lar, the Cli­ent must ensu­re that the third par­ty gua­ran­tees data security.
3 Third par­ties may assert the same grounds for justi­fi­ca­ti­on as the Client.


Art. 11 Cer­ti­fi­ca­ti­on procedure

1 In order to impro­ve data pro­tec­tion and data secu­ri­ty, manu­fac­tu­r­ers of data pro­ce­s­sing systems or pro­grams and pri­va­te indi­vi­du­als or fede­ral bodies that pro­cess per­so­nal data may sub­ject their systems, pro­ce­du­res and orga­nizati­on to an assess­ment by reco­gnized inde­pen­dent cer­ti­fi­ca­ti­on bodies.
2 The Fede­ral Coun­cil shall issue regu­la­ti­ons on the reco­gni­ti­on of cer­ti­fi­ca­ti­on pro­ce­du­res and the intro­duc­tion of a data pro­tec­tion qua­li­ty mark. In doing so, it shall take into account inter­na­tio­nal law and inter­na­tio­nal­ly reco­gnized tech­ni­cal standards.


Art. 11a Regi­ster of data collections 

1 The Com­mis­sio­ner shall main­tain a regi­ster of data coll­ec­tions that is acce­s­si­ble via the Inter­net. Any per­son may con­sult the register.
2 Fede­ral bodies must regi­ster all data coll­ec­tions with the Com­mis­sio­ner for registration.

3 Pri­va­te indi­vi­du­als must regi­ster data coll­ec­tions if:

a par­ti­cu­lar­ly sen­si­ti­ve per­so­nal data or per­so­na­li­ty pro­files are regu­lar­ly pro­ce­s­sed; or
b per­so­nal data is regu­lar­ly dis­c­lo­sed to third parties.
4 Data coll­ec­tions must be regi­stered befo­re they are opened.

5 Con­tra­ry to the pro­vi­si­ons of para­graphs 2 and 3, the owner of data coll­ec­tions need not decla­re his coll­ec­tions if:

a pri­va­te per­sons pro­cess data on the basis of a legal obligation;
b the Fede­ral Coun­cil has exempt­ed a pro­ce­s­sing ope­ra­ti­on from the noti­fi­ca­ti­on requi­re­ment becau­se it does not jeo­par­di­ze the rights of the per­sons concerned;
c it uses the data exclu­si­ve­ly for publi­ca­ti­on in the edi­to­ri­al sec­tion of a peri­odi­cal­ly published medi­um and does not pass on any data to third par­ties wit­hout the per­sons con­cer­ned being awa­re of this;
d the data is pro­ce­s­sed by jour­na­lists who use the data coll­ec­tion exclu­si­ve­ly as a per­so­nal work tool;
e it has desi­gna­ted a data pro­tec­tion offi­cer who inde­pendent­ly moni­tors inter­nal com­pli­ance with data pro­tec­tion regu­la­ti­ons and main­ta­ins a regi­ster of data collections;
f it has obtai­ned a data pro­tec­tion qua­li­ty mark on the basis of a cer­ti­fi­ca­ti­on pro­ce­du­re pur­su­ant to Artic­le 11 and the result of the assess­ment has been com­mu­ni­ca­ted to the Commissioner.
6 The Fede­ral Coun­cil shall regu­la­te the moda­li­ties for the regi­stra­ti­on of data files, the main­ten­an­ce and publi­ca­ti­on of the regi­ster, as well as the posi­ti­on and duties of the data pro­tec­tion offi­cers in accordance with para­graph 5 let­ter e and the publi­ca­ti­on of a list of data file owners who are exempt from the obli­ga­ti­on to regi­ster in accordance with para­graph 5 let­ters e and f.

Sec­tion 3: Pro­ce­s­sing of per­so­nal data by pri­va­te persons

Art. 12 Vio­la­ti­on of per­so­na­li­ty rights

1 Anyo­ne who pro­ce­s­ses per­so­nal data must not unlawful­ly inf­rin­ge the per­so­na­li­ty of the per­sons concerned.

2 In par­ti­cu­lar, it may not:

a pro­cess per­so­nal data con­tra­ry to the prin­ci­ples of Artic­les 4, 5(1) and 7(1);
b pro­cess data of a per­son against his or her expli­cit will wit­hout justification;
c dis­c­lo­se sen­si­ti­ve per­so­nal data or per­so­na­li­ty pro­files to third par­ties wit­hout justification.
3 As a rule, the­re is no vio­la­ti­on of pri­va­cy if the data sub­ject has made the data gene­ral­ly acce­s­si­ble and has not express­ly pro­hi­bi­ted processing.


Art. 13 Grounds for justification

1 An inf­rin­ge­ment of per­so­na­li­ty rights is unlawful if it is not justi­fi­ed by the con­sent of the per­son inf­rin­ged, by an over­ri­ding pri­va­te or public inte­rest or by law.

2 An over­ri­ding inte­rest of the per­son pro­ce­s­sing the data comes into con­side­ra­ti­on in par­ti­cu­lar if that person:

a pro­ce­s­ses per­so­nal data about its con­trac­tu­al part­ner in direct con­nec­tion with the con­clu­si­on or per­for­mance of a contract;
b is or intends to be in eco­no­mic com­pe­ti­ti­on with ano­ther per­son and pro­ce­s­ses per­so­nal data for this pur­po­se wit­hout dis­clo­sing it to third parties;
c pro­ce­s­ses neither sen­si­ti­ve per­so­nal data nor per­so­na­li­ty pro­files for the pur­po­se of checking the cre­dit­wort­hi­ness of ano­ther per­son and only dis­c­lo­ses data to third par­ties that they requi­re for the con­clu­si­on or per­for­mance of a con­tract with the data subject;
d pro­fes­sio­nal­ly pro­ce­s­ses per­so­nal data exclu­si­ve­ly for publi­ca­ti­on in the edi­to­ri­al sec­tion of a peri­odi­cal medium;
e pro­ce­s­ses per­so­nal data for non-per­so­nal pur­po­ses, in par­ti­cu­lar in rese­arch, plan­ning and sta­tis­tics, and publishes the results in such a way that the per­sons con­cer­ned can­not be identified;
f coll­ects data about a public figu­re, pro­vi­ded that the data rela­tes to that person’s acti­vi­ties in public.


Art. 14 Trans­pa­ren­cy and infor­ma­ti­on when obtai­ning per­so­nal data and per­so­na­li­ty pro­files requi­ring spe­cial protection

1 The con­trol­ler of the data file is obli­ged to inform the data sub­ject about the pro­cu­re­ment of per­so­nal data or per­so­na­li­ty pro­files requi­ring spe­cial pro­tec­tion; this duty to inform also applies if the data is obtai­ned from third parties.

2 The per­son con­cer­ned must at least be infor­med of:

a the owner of the data collection;
b the pur­po­se of editing;
c the cate­go­ries of data reci­pi­en­ts, if data dis­clo­sure is foreseen.
3 If the data are not obtai­ned from the data sub­ject, the data sub­ject must be infor­med at the latest when the data are stored or, if the data are not stored, when they are first dis­c­lo­sed to third parties.

4 The duty of the con­trol­ler of the data file to pro­vi­de infor­ma­ti­on shall not app­ly if the data sub­ject has alre­a­dy been infor­med or, in cases under para­graph 3, if:

a the sto­rage or dis­clo­sure of the data is express­ly pro­vi­ded for by law; or
b the infor­ma­ti­on is not pos­si­ble or only pos­si­ble with dis­pro­por­tio­na­te effort.
5 The con­trol­ler of the data file may refu­se, rest­rict or post­po­ne the pro­vi­si­on of infor­ma­ti­on under the con­di­ti­ons spe­ci­fi­ed in Artic­le 9 para­graphs 1 and 4.


Art. 15 Legal claims

1 Actions for the pro­tec­tion of per­so­na­li­ty shall be gover­ned by Artic­les 28, 28a and 28l of the Civil Code. The com­plai­ning par­ty may in par­ti­cu­lar demand that data pro­ce­s­sing be blocked, that no data be dis­c­lo­sed to third par­ties or that the per­so­nal data be cor­rec­ted or destroyed.
2 If neither the accu­ra­cy nor the inac­cu­ra­cy of per­so­nal data can be demon­stra­ted, the com­plai­ning par­ty may request that a cor­re­spon­ding note be added to the data.
3 The clai­mant may also request that the cor­rec­tion, the des­truc­tion, the blocking, name­ly the blocking of dis­clo­sure to third par­ties, the note of con­test or the judgment be com­mu­ni­ca­ted to third par­ties or published.
4 The court shall deci­de on actions to enforce the right to infor­ma­ti­on in sim­pli­fi­ed pro­ce­e­dings in accordance with the Code of Civil Pro­ce­du­re of 19 Decem­ber 2008.

Sec­tion 4: Pro­ce­s­sing of Per­so­nal Data by Fede­ral Bodies

Art. 16 Respon­si­ble body and control

1 The fede­ral body that pro­ce­s­ses the per­so­nal data or has it pro­ce­s­sed in the per­for­mance of its duties is respon­si­ble for data protection.
2 If fede­ral bodies pro­cess per­so­nal data tog­e­ther with other fede­ral bodies, with can­to­nal bodies or with pri­va­te per­sons, the Fede­ral Coun­cil may spe­ci­fi­cal­ly regu­la­te the con­trol of and respon­si­bi­li­ty for data protection.


Art. 17 Legal bases

1 Fede­ral bodies may pro­cess per­so­nal data if the­re is a legal basis for doing so.

2 They may pro­cess per­so­nal data requi­ring spe­cial pro­tec­tion and per­so­na­li­ty pro­files only if a law in the for­mal sen­se express­ly pro­vi­des for it or in excep­tio­nal cases:

a it is indis­pensable for a task cle­ar­ly defi­ned in a law in the for­mal sense;
b the Fede­ral Coun­cil appro­ves it in an indi­vi­du­al case becau­se the rights of the per­son con­cer­ned are not at risk; or
c the data sub­ject has con­sen­ted in the indi­vi­du­al case or has made his/her data gene­ral­ly acce­s­si­ble and has not express­ly pro­hi­bi­ted processing.


Art. 17a Auto­ma­ted data pro­ce­s­sing within the scope of pilot tests

1 The Fede­ral Coun­cil may, after obtai­ning the opi­ni­on of the Com­mis­sio­ner, aut­ho­ri­se the auto­ma­ted pro­ce­s­sing of per­so­nal data or per­so­na­li­ty pro­files requi­ring spe­cial pro­tec­tion in the for­mal sen­se befo­re a law comes into force if:

a the tasks requi­ring such pro­ce­s­sing are regu­la­ted in a law in the for­mal sense;
b suf­fi­ci­ent mea­su­res are taken to pre­vent vio­la­ti­ons of privacy;
c the prac­ti­cal imple­men­ta­ti­on of data pro­ce­s­sing requi­res a test pha­se befo­re the law comes into force in the for­mal sense.

2 The prac­ti­cal imple­men­ta­ti­on of data pro­ce­s­sing may requi­re a test pha­se if:

a the per­for­mance of a task requi­res tech­ni­cal inno­va­tions, the effects of which must first be evaluated;
b the per­for­mance of a task requi­res signi­fi­cant orga­nizatio­nal or tech­ni­cal mea­su­res, the effec­ti­ve­ness of which must first be tested, par­ti­cu­lar­ly in the case of coope­ra­ti­on bet­ween fede­ral and can­to­nal bodies; or
c it requi­res the trans­mis­si­on of par­ti­cu­lar­ly sen­si­ti­ve per­so­nal data or per­so­na­li­ty pro­files to can­to­nal aut­ho­ri­ties by means of a retrie­val procedure.
3 The Fede­ral Coun­cil shall regu­la­te the moda­li­ties of auto­ma­ted data pro­ce­s­sing in an ordinance.
4 The com­pe­tent fede­ral body shall sub­mit an eva­lua­ti­on report to the Fede­ral Coun­cil within two years of the pilot system going into ope­ra­ti­on. In this report, it shall pro­po­se the con­ti­nua­tion or dis­con­ti­nua­tion of the processing.
5 Auto­ma­ted data pro­ce­s­sing must be dis­con­tin­ued in any case if, within five years of the pilot system going into ope­ra­ti­on, no law in the for­mal sen­se has come into force that inclu­des the neces­sa­ry legal basis.


Art. 18 Obtai­ning per­so­nal data

1 In the case of syste­ma­tic sur­veys, name­ly with que­sti­on­n­aires, the fede­ral body shall dis­c­lo­se the pur­po­se and legal basis of the pro­ce­s­sing, the cate­go­ries of per­sons invol­ved in the data coll­ec­tion and the data recipients.
2 …

Art. 18a Trans­pa­ren­cy and infor­ma­ti­on when obtai­ning per­so­nal data 

1 Fede­ral bodies are obli­ged to inform the data sub­ject about the pro­cu­re­ment of per­so­nal data; this duty to inform also applies if the data are obtai­ned from third parties.

2 The per­son con­cer­ned must at least be infor­med of:

a the owner of the data collection;
b the pur­po­se of editing;
c the cate­go­ries of data reci­pi­en­ts, if data dis­clo­sure is foreseen;
d the right to infor­ma­ti­on under Artic­le 8;
e the con­se­quen­ces of a refu­sal by the data sub­ject to pro­vi­de the reque­sted per­so­nal data.
3 If the data are not obtai­ned from the data sub­ject, the data sub­ject must be infor­med at the latest when the data are stored or, if the data are not stored, when they are first dis­c­lo­sed to third parties.

4 The duty of the fede­ral bodies to pro­vi­de infor­ma­ti­on does not app­ly if the per­son con­cer­ned has alre­a­dy been infor­med or, in cases under para­graph 3, if:

a the sto­rage or dis­clo­sure of the data is express­ly pro­vi­ded for by law; or
b the infor­ma­ti­on is not pos­si­ble or only pos­si­ble with dis­pro­por­tio­na­te effort.
5 If the duty to pro­vi­de infor­ma­ti­on would impair the com­pe­ti­ti­ve­ness of a fede­ral body, the Fede­ral Coun­cil may limit it to the pro­cu­re­ment of per­so­nal data requi­ring spe­cial pro­tec­tion and of per­so­na­li­ty profiles.


Art. 18b Rest­ric­tion of trans­pa­ren­cy and information 

1 Fede­ral bodies may refu­se, rest­rict or post­po­ne the pro­vi­si­on of infor­ma­ti­on under the con­di­ti­ons spe­ci­fi­ed in Artic­le 9 para­graphs 1 and 2.
2 As soon as the rea­son for the refu­sal, rest­ric­tion or defer­ral cea­ses to app­ly, the fede­ral bodies shall be bound by the duty to pro­vi­de infor­ma­ti­on, unless this is impos­si­ble or can be ful­fil­led only with dis­pro­por­tio­na­te effort.


Art. 19 Dis­clo­sure of per­so­nal data

1 Fede­ral bodies may dis­c­lo­se per­so­nal data only if the­re is a legal basis for doing so within the mea­ning of Artic­le 17 or if:

a the data is indis­pensable for the reci­pi­ent in the indi­vi­du­al case for the ful­fill­ment of its legal task;
b the data sub­ject has con­sen­ted in the indi­vi­du­al case;
c the data sub­ject has made his/her data gene­ral­ly available and has not express­ly pro­hi­bi­ted dis­clo­sure; or
d the reci­pi­ent cre­di­bly demon­stra­tes that the data sub­ject refu­ses con­sent or blocks dis­clo­sure in order to pre­vent him/her from enfor­cing legal claims or pro­tec­ting other inte­rests wort­hy of pro­tec­tion; the data sub­ject must be given the oppor­tu­ni­ty to com­ment before­hand, if possible.

1bis Within the frame­work of offi­ci­al infor­ma­ti­on to the public, fede­ral bodies may also dis­c­lo­se per­so­nal data ex offi­cio or on the basis of the Public Infor­ma­ti­on Act of 17 Decem­ber 2004 if:

a the per­so­nal data con­cer­ned are rela­ted to the per­for­mance of public duties; and
b in the dis­clo­sure of which the­re is an over­ri­ding public interest.
2 Fede­ral bodies may also dis­c­lo­se the sur­na­me, first name, address and date of birth of a per­son on request if the requi­re­ments of para­graph 1 are not fulfilled.
3 Fede­ral bodies may make per­so­nal data acce­s­si­ble by means of a retrie­val pro­ce­du­re if this is express­ly pro­vi­ded for. Per­so­nal data requi­ring spe­cial pro­tec­tion and per­so­na­li­ty pro­files may only be made acce­s­si­ble by means of a retrie­val pro­ce­du­re if a law in the for­mal sen­se express­ly pro­vi­des for this.

3bis Fede­ral bodies may make per­so­nal data acce­s­si­ble to anyo­ne by means of auto­ma­ted infor­ma­ti­on and com­mu­ni­ca­ti­on ser­vices if a legal basis pro­vi­des for the publi­ca­ti­on of this data or if they make infor­ma­ti­on acce­s­si­ble to the public on the basis of para­graph 1bis. If the public inte­rest in making the data acce­s­si­ble no lon­ger exists, the data con­cer­ned shall be remo­ved from the auto­ma­ted infor­ma­ti­on and com­mu­ni­ca­ti­on service.

4 The fede­ral body shall refu­se, rest­rict or impo­se con­di­ti­ons on dis­clo­sure if:

a essen­ti­al public inte­rests or inte­rests of a data sub­ject which are mani­fest­ly wort­hy of pro­tec­tion so requi­re, or
b sta­tu­to­ry con­fi­den­tia­li­ty obli­ga­ti­ons or spe­cial data pro­tec­tion regu­la­ti­ons requi­re it.


Art. 20 Blocking of disclosure

1 A data sub­ject who cre­di­bly demon­stra­tes an inte­rest wort­hy of pro­tec­tion may request the fede­ral body respon­si­ble to block the dis­clo­sure of spe­ci­fic per­so­nal data.

2 The fede­ral body shall refu­se to block or shall unblock if:

a the­re is a legal obli­ga­ti­on to dis­c­lo­se; or
b the ful­fill­ment of its task would other­wi­se be jeopardized.
3 The blocking is sub­ject to Artic­le 19 para­graph 1bis.


Art. 21 Offer of docu­ments to the Fede­ral Archives

1 In accordance with the Archi­ving Act of 26 June 1998, fede­ral bodies shall offer to the Fede­ral Archi­ves all per­so­nal data that they no lon­ger requi­re on a per­ma­nent basis.

2 The fede­ral bodies shall destroy per­so­nal data desi­gna­ted by the Fede­ral Archi­ves as not being of archi­val value, unless:

a are anonymized;
b must be retai­ned for evi­den­tia­ry or secu­ri­ty pur­po­ses or to pro­tect the legi­ti­ma­te inte­rests of the data subject.


Art. 22 Edit for rese­arch, plan­ning and statistics

1 Fede­ral bodies may pro­cess per­so­nal data for non-per­so­nal pur­po­ses, in par­ti­cu­lar for rese­arch, plan­ning and sta­tis­tics, if:

a the data will be anony­mi­zed as soon as the pur­po­se of the pro­ce­s­sing allo­ws it;
b the reci­pi­ent dis­c­lo­ses the data only with the con­sent of the fede­ral enti­ty; and
c the results are published in such a way that the per­sons con­cer­ned can­not be identified.

2 The requi­re­ments of the fol­lo­wing pro­vi­si­ons need not be met:

a Artic­le 4(3) on the pur­po­se of processing
b Artic­le 17(2) on the legal basis for the pro­ce­s­sing of per­so­nal data and per­so­na­li­ty pro­files requi­ring spe­cial protection;
c Artic­le 19(1) on dis­clo­sure of per­so­nal data.


Art. 23 Acti­vi­ties of fede­ral bodies under pri­va­te law

1 If a fede­ral body acts under pri­va­te law, the pro­vi­si­ons for the pro­ce­s­sing of per­so­nal data by pri­va­te per­sons apply.
2 Super­vi­si­on shall be gover­ned by the pro­vi­si­ons appli­ca­ble to fede­ral bodies.


Art. 24

[lifted]


Art. 25 Claims and procedure

1 Anyo­ne who has an inte­rest that is wort­hy of pro­tec­tion may demand that the respon­si­ble fede­ral body:

a refrains from unlawful pro­ce­s­sing of per­so­nal data;
b eli­mi­na­tes the con­se­quen­ces of unlawful processing;
c estab­lishes the unlawful­ness of the processing.
2 If neither the accu­ra­cy nor the inac­cu­ra­cy of per­so­nal data can be pro­ven, the fede­ral body must make a cor­re­spon­ding note with the data.

3 The appli­cant may in par­ti­cu­lar request that the fede­ral body:

a cor­rects or destroys per­so­nal data or blocks dis­clo­sure to third parties;
b noti­fi­es or publishes its decis­i­on, name­ly the cor­rec­tion, des­truc­tion, blocking or the note of con­te­sta­ti­on to third parties.
4 The pro­ce­du­re shall be gover­ned by the Fede­ral Act of 20 Decem­ber 1968 on Admi­ni­stra­ti­ve Pro­ce­du­re (Admi­ni­stra­ti­ve Pro­ce­du­re Act). The excep­ti­ons in Artic­les 2 and 3 of the Admi­ni­stra­ti­ve Pro­ce­du­re Act do not apply.


Art. 25bis Pro­ce­du­re in the case of dis­clo­sure of offi­ci­al docu­ments con­tai­ning per­so­nal data


As long as a pro­ce­du­re con­cer­ning access to offi­ci­al docu­ments within the mea­ning of the Public Access Act of 17 Decem­ber 2004, which con­tain per­so­nal data, is in pro­gress, the per­son con­cer­ned may, within the frame­work of this pro­ce­du­re, assert the rights to which he or she is entit­led under Artic­le 25 of this Act in rela­ti­on to tho­se docu­ments which are the sub­ject of the access procedure.

Sec­tion 5: Fede­ral Data Pro­tec­tion and Infor­ma­ti­on Commissioner

Art. 26 Elec­tion and position

1 The Com­mis­sio­ner shall be elec­ted by the Fede­ral Coun­cil for a term of four years. The elec­tion shall be appro­ved by the Fede­ral Assembly.
2 Unless other­wi­se pro­vi­ded for in this Act, the employment rela­ti­on­ship of the Com­mis­sio­ner shall be gover­ned by the Fede­ral Per­son­nel Act of 24 March 2000.
3 The Com­mis­sio­ner shall exer­cise his func­tion inde­pendent­ly, wit­hout recei­ving ins­truc­tions from any aut­ho­ri­ty. He is admi­ni­stra­tively assi­gned to the Fede­ral Chancellery.
4 It shall have a per­ma­nent secre­ta­ri­at and its own bud­get. He hires his staff.
5 The appoin­tee shall not be sub­ject to the app­raisal system pur­su­ant to Artic­le 4 para­graph 3 of the Fede­ral Per­son­nel Act of 24 March 2000.


Art. 26a Re-elec­tion and ter­mi­na­ti­on of the term of office 

1 If the Fede­ral Coun­cil does not order non-re-elec­tion at the latest six months befo­re the expiry of the term of office for objec­tively suf­fi­ci­ent rea­sons, the Com­mis­sio­ner shall be re-elec­ted for a new term of office.
2 The Com­mis­sio­ner may request the Fede­ral Coun­cil to dis­miss him or her with effect from the end of a month, sub­ject to six months’ notice.

3 The Fede­ral Coun­cil may remo­ve the Com­mis­sio­ner from office befo­re the expiry of the term of office if the Commissioner:

a has serious­ly vio­la­ted offi­ci­al duties inten­tio­nal­ly or through gross negli­gence; or
b has per­ma­nent­ly lost the abili­ty to hold office.


Art. 26b Other employment 


The Fede­ral Coun­cil may per­mit the Com­mis­sio­ner to enga­ge in other employment if this does not impair the Commissioner’s inde­pen­dence and reputation.


Art. 27 Super­vi­si­on of fede­ral bodies

1 The Com­mis­sio­ner shall super­vi­se com­pli­ance by fede­ral bodies with this Act and the other fede­ral data pro­tec­tion regu­la­ti­ons. The Fede­ral Coun­cil is exempt from this supervision.
2 The com­mis­sio­ner shall cla­ri­fy the facts in more detail on his own initia­ti­ve or on noti­fi­ca­ti­on by third parties.
3 In the cour­se of the inve­sti­ga­ti­on, it may request the pro­duc­tion of files, obtain infor­ma­ti­on and be shown data pro­ce­s­sing. The fede­ral bodies must coope­ra­te in estab­li­shing the facts. The right to refu­se to testi­fy in accordance with Artic­le 16 of the Admi­ni­stra­ti­ve Pro­ce­du­re Act52 shall app­ly muta­tis mutandis.
4 If the cla­ri­fi­ca­ti­on reve­als that data pro­tec­tion regu­la­ti­ons are being vio­la­ted, the Com­mis­sio­ner shall recom­mend to the fede­ral body respon­si­ble that the pro­ce­s­sing be modi­fi­ed or dis­con­tin­ued. He shall inform the respon­si­ble depart­ment or the Fede­ral Chan­cel­lery of his recommendation.
5 If a recom­men­da­ti­on is not fol­lo­wed or is rejec­ted, he may sub­mit the mat­ter to the Depart­ment or the Fede­ral Chan­cel­lery for a decis­i­on. The decis­i­on shall be com­mu­ni­ca­ted to the per­sons con­cer­ned in the form of an order.
6 The Com­mis­sio­ner shall be entit­led to appeal against the order under para­graph 5 and against the decis­i­on of the appeal authority.


Art. 28 Advice to pri­va­te parties

The Com­mis­sio­ner advi­ses pri­va­te per­sons on data pro­tec­tion issues.


Art. 29 Cla­ri­fi­ca­ti­ons and recom­men­da­ti­ons in the area of pri­va­te law

1 The com­mis­sio­ner shall cla­ri­fy the facts in more detail on his own initia­ti­ve or on noti­fi­ca­ti­on by a third par­ty if:

a pro­ce­s­sing methods are likely to vio­la­te the per­so­na­li­ty of a lar­ger num­ber of per­sons (system error);
b data coll­ec­tions must be regi­stered (Artic­le 11a);
c the­re is an obli­ga­ti­on to pro­vi­de infor­ma­ti­on pur­su­ant to Artic­le 6(3).
2 In doing so, it may request files, obtain infor­ma­ti­on and be shown data pro­ce­s­sing. The right to refu­se to testi­fy in accordance with Artic­le 16 of the Admi­ni­stra­ti­ve Pro­ce­du­re Act shall app­ly muta­tis mutandis.
3 The com­mis­sio­ner may, on the basis of his or her inve­sti­ga­ti­ons, recom­mend that the editing be chan­ged or omitted.
4 If such a recom­men­da­ti­on of the Com­mis­sio­ner is not fol­lo­wed or is rejec­ted, he may sub­mit the mat­ter to the Fede­ral Admi­ni­stra­ti­ve Court for a decis­i­on. He shall be entit­led to appeal against this decision.


Art. 30 Information

1 The Com­mis­sio­ner shall report to the Fede­ral Assem­bly peri­odi­cal­ly and as requi­red. He shall simul­ta­neous­ly trans­mit the report to the Fede­ral Coun­cil. The peri­odic reports shall be published.
2 In cases of gene­ral inte­rest, it may inform the public of its fin­dings and recom­men­da­ti­ons. It may publish per­so­nal data that is sub­ject to offi­ci­al sec­re­cy only with the con­sent of the com­pe­tent aut­ho­ri­ty. If the lat­ter refu­ses to give its con­sent, the pre­si­dent of the divi­si­on of the Fede­ral Admi­ni­stra­ti­ve Court respon­si­ble for data pro­tec­tion shall take the final decision.


Art. 31 Other tasks

1 The com­mis­sio­ner shall have the fol­lo­wing addi­tio­nal duties in particular:

a It sup­ports fede­ral and can­to­nal bodies in mat­ters of data protection.
b It comm­ents on pro­po­sals for fede­ral decrees and mea­su­res that are rele­vant to data protection.
c It coope­ra­tes with dome­stic and for­eign data pro­tec­tion authorities.
d It asses­ses the ext­ent to which data pro­tec­tion legis­la­ti­on abroad ensu­res ade­qua­te protection.
e It shall exami­ne the gua­ran­tees and data pro­tec­tion rules noti­fi­ed to it in accordance with Artic­le 6(3).
f It shall exami­ne the cer­ti­fi­ca­ti­on pro­ce­du­res refer­red to in Artic­le 11 and may make recom­men­da­ti­ons the­re­on in accordance with Artic­le 27(4) or 29(3).
g It shall per­form the duties assi­gned to it by the Public Infor­ma­ti­on Act of Decem­ber 17, 2004.
2 It may also advi­se organs of the Fede­ral Admi­ni­stra­ti­on if this Act is not appli­ca­ble in accordance with Artic­le 2 para­graph 2 let­ters c and d. The organs of the Fede­ral Admi­ni­stra­ti­on may allow him to inspect their business.


Art. 32

[lifted]

Sec­tion 6: Legal protection

Art. 33

1 Legal pro­tec­tion shall be gover­ned by the gene­ral pro­vi­si­ons rela­ting to the admi­ni­stra­ti­on of fede­ral justice.
2 If, during a fact-fin­ding inve­sti­ga­ti­on in accordance with Artic­le 27 para­graph 2 or Artic­le 29 para­graph 1, the Com­mis­sio­ner estab­lishes that the per­sons con­cer­ned are threa­ten­ed with a dis­ad­van­ta­ge that can­not be easi­ly reme­di­ed, he may app­ly for pre­cau­tio­na­ry mea­su­res to the pre­si­dent of the divi­si­on of the Fede­ral Admi­ni­stra­ti­ve Court respon­si­ble for data pro­tec­tion. The pro­ce­du­re shall be gover­ned muta­tis mut­an­dis by Artic­les 79 – 84 of the Fede­ral Act of 4 Decem­ber 1947 on Fede­ral Civil Procedure.

Sec­tion 7: Penal provisions

Art. 34 Vio­la­ti­on of the duties to pro­vi­de infor­ma­ti­on, to report and to cooperate

1 Pri­va­te per­sons shall be punis­hed by a fine on application:

a who vio­la­te their obli­ga­ti­ons under Artic­les 8 – 10 and 14 by inten­tio­nal­ly pro­vi­ding fal­se or incom­ple­te information;
b who inten­tio­nal­ly fail to do so:

<

1. inform the data sub­ject in accordance with Artic­le 14(1), or

2. pro­vi­de it with the infor­ma­ti­on refer­red to in Artic­le 14(2).

2 Pri­va­te per­sons who intentionally:

a fail to pro­vi­de the infor­ma­ti­on refer­red to in Artic­le 6(3) or the noti­fi­ca­ti­on refer­red to in Artic­le 11a or inten­tio­nal­ly pro­vi­de fal­se infor­ma­ti­on in doing so;
b pro­vi­de the com­mis­sio­ner with fal­se infor­ma­ti­on or refu­se to coope­ra­te when cla­ri­fy­ing a mat­ter (Artic­le 29).

Art. 35 Vio­la­ti­on of the pro­fes­sio­nal duty of confidentiality

1 Anyo­ne who inten­tio­nal­ly dis­c­lo­ses wit­hout aut­ho­rizati­on secret per­so­nal data or per­so­na­li­ty pro­files requi­ring spe­cial pro­tec­tion of which he has lear­ned in the cour­se of his pro­fes­si­on requi­ring know­ledge of such data shall be lia­ble on com­plaint to a fine.
2 Anyo­ne who inten­tio­nal­ly dis­c­lo­ses, wit­hout aut­ho­rizati­on, secret per­so­nal data or per­so­na­li­ty pro­files that are par­ti­cu­lar­ly wort­hy of pro­tec­tion and that he or she lear­ned about while working for the per­son requi­red to main­tain sec­re­cy or during trai­ning with that per­son shall be punis­hed in the same way.
3 The unaut­ho­ri­zed dis­clo­sure of secret per­so­nal data or per­so­na­li­ty pro­files requi­ring spe­cial pro­tec­tion is a punis­ha­ble offence even after the pro­fes­sio­nal prac­ti­ce or trai­ning has ended.

Sec­tion 8: Final Provisions

Art. 36 Enforcement

1 The Fede­ral Coun­cil shall issue the imple­men­ting provisions.
2 …
3 It may pro­vi­de for dero­ga­ti­ons from Artic­les 8 and 9 for the pro­vi­si­on of infor­ma­ti­on by Swiss diplo­ma­tic and con­su­lar repre­sen­ta­ti­ons abroad.

4 It may also determine:

a which data coll­ec­tions requi­re pro­ce­s­sing regulations;
b under which con­di­ti­ons a fede­ral body may have per­so­nal data pro­ce­s­sed by a third par­ty or pro­cess it for a third party;
c how the means of iden­ti­fi­ca­ti­on of per­sons may be used.
5 It may con­clude inter­na­tio­nal trea­ties on data pro­tec­tion if they com­ply with the prin­ci­ples of this Act.
6 It regu­la­tes how data coll­ec­tions are to be secu­red who­se data could end­an­ger the life and limb of the per­sons con­cer­ned in the event of war or crisis.


Art. 37 Enforce­ment by the cantons

1 Inso­far as no can­to­nal data pro­tec­tion regu­la­ti­ons exist that gua­ran­tee ade­qua­te pro­tec­tion, Artic­les 1 – 11a, 16, 17, 18 – 22 and 25 para­graphs 1 – 3 of this Act shall app­ly to the pro­ce­s­sing of per­so­nal data by can­to­nal bodies when imple­men­ting fede­ral law.
2 The can­tons shall desi­gna­te a super­vi­so­ry body to ensu­re com­pli­ance with data pro­tec­tion. Artic­les 27, 30 and 31 shall app­ly muta­tis mutandis.


Art. 38 Tran­si­tio­nal provisions

1 The owners of data files must regi­ster exi­sting data files that are to be regi­stered in accordance with Artic­le 11 no later than one year after the ent­ry into force of this Act.
2 Within one year of the ent­ry into force of this Act, they must take the neces­sa­ry steps to enable them to pro­vi­de the infor­ma­ti­on in accordance with Artic­le 8.
3 Fede­ral bodies may con­ti­n­ue to use an exi­sting data file con­tai­ning per­so­nal data requi­ring spe­cial pro­tec­tion or per­so­na­li­ty pro­files until 31 Decem­ber 2000 wit­hout the requi­re­ments of Artic­le 17 para­graph 2 being met.
4 In the area of asyl­um and for­eign natio­nals, the peri­od in accordance with para­graph 3 shall be exten­ded until the ent­ry into force of the total­ly revi­sed Asyl­um Act of 26 June 1998 and the amend­ment to the Fede­ral Act of 26 March 1931 on the Resi­dence and Sett­le­ment of For­eign Nationals.

Art. 38a Tran­si­tio­nal pro­vi­si­on to the amend­ment of March 19, 2010


The elec­tion of the Com­mis­sio­ner and the ter­mi­na­ti­on of his employment shall be gover­ned by the pre­vious law until the end of the legis­la­ti­ve term in which this amend­ment enters into force.

Art. 39 Refe­ren­dum and ent­ry into force

1 This Act is sub­ject to an optio­nal referendum.
2 The Fede­ral Coun­cil shall deter­mi­ne the date of ent­ry into force.

Effec­ti­ve date: July 1, 1993