FDPO

Text of the cur­rent VDSG. The texts have been con­ver­ted auto­ma­ti­cal­ly – we thank you for poin­ting out errors.
The cur­rent DSG can be found here, the revi­sed ver­si­on here and the draft of the revi­sed VDSG here.

fold out | fold

Chap­ter 1: Pro­ces­sing of per­so­nal data by pri­va­te persons

Sec­tion 1: Right to information

Art. 1 Modalities

1 Any per­son who requests infor­ma­ti­on from the owner of a data file as to whe­ther data about him or her is being pro­ces­sed (Art. 8 FADP) must, as a rule, requ­est this in wri­ting and pro­ve his or her identity.

2 The requ­est for infor­ma­ti­on and the pro­vi­si­on of infor­ma­ti­on may be made by elec­tro­nic means if the con­trol­ler of the data file express­ly so pro­vi­des and takes rea­son­ab­le mea­su­res to:

a. ensu­re the iden­ti­fi­ca­ti­on of the data sub­ject; and

b. pro­tect the per­so­nal data of the data sub­ject from access by unaut­ho­ri­zed third par­ties when pro­vi­ding information.

3 With the con­sent of the data con­trol­ler or at his sug­ge­sti­on, the data sub­ject may also inspect his data on site. The infor­ma­ti­on may also be pro­vi­ded oral­ly if the data sub­ject has con­sen­ted and has been iden­ti­fied by the controller.

4 The infor­ma­ti­on or the rea­so­ned deci­si­on on the restric­tion of the right to infor­ma­ti­on (Art. 9 and 10 FADP) shall be pro­vi­ded wit­hin 30 days of rece­i­pt of the requ­est for infor­ma­ti­on. If the infor­ma­ti­on can­not be pro­vi­ded wit­hin 30 days, the con­trol­ler of the data file must noti­fy the app­li­cant of this and inform him of the peri­od wit­hin which the infor­ma­ti­on will be provided.

5 If one or more data files are joint­ly mana­ged by several hol­ders, the right to infor­ma­ti­on may be asser­ted against each hol­der, unless one of them is respon­si­ble for hand­ling all requests for infor­ma­ti­on. If the owner of the data file is not aut­ho­ri­zed to pro­vi­de infor­ma­ti­on, he shall for­ward the requ­est to the per­son responsible.

6 If the requ­est for infor­ma­ti­on rela­tes to data pro­ces­sed by a third par­ty on behalf of the con­trol­ler of the data file, the con­trol­ler shall for­ward the requ­est to the third par­ty for exe­cu­ti­on, unless the con­trol­ler is its­elf in a posi­ti­on to pro­vi­de information.

7 If infor­ma­ti­on about data of a decea­sed per­son is reque­sted, it shall be pro­vi­ded if the app­li­cant pro­ves an inte­rest in the infor­ma­ti­on and no over­ri­ding inte­rests of rela­ti­ves of the decea­sed per­son or of third par­ties are oppo­sed. Clo­se rela­ti­ves and mar­ria­ge to the decea­sed per­son con­sti­tu­te an interest.

Art. 2 Excep­ti­ons from the free of charge

1 A rea­son­ab­le share of the costs may excep­tio­nal­ly be requi­red if:

a. the per­son making the requ­est has alrea­dy been pro­vi­ded with the reque­sted infor­ma­ti­on in the twel­ve mon­ths pri­or to the requ­est and no inte­rest worthy of pro­tec­tion in the pro­vi­si­on of new infor­ma­ti­on can be demon­stra­ted. An inte­rest worthy of pro­tec­tion is given in par­ti­cu­lar if the per­so­nal data has been chan­ged without noti­fi­ca­ti­on to the per­son concerned;

b. the pro­vi­si­on of infor­ma­ti­on is asso­cia­ted with a par­ti­cu­lar­ly lar­ge amount of work.

2 The par­ti­ci­pa­ti­on amounts to a maxi­mum of 300 Swiss francs. The app­li­cant must be infor­med of the amount of the par­ti­ci­pa­ti­on befo­re infor­ma­ti­on is pro­vi­ded and may with­draw his requ­est wit­hin ten days.

Sec­tion 2: Regi­stra­ti­on of data collections

Art. 3 Registration

1 Data collec­tions (Art. 11a para. 3 FADP) must be noti­fied to the Federal Data Pro­tec­tion and Infor­ma­ti­on Com­mis­sio­ner (Com­mis­sio­ner) befo­re the data collec­tion is ope­ned. The noti­fi­ca­ti­on shall con­tain the fol­lo­wing information:

a. Name and address of the owner of the data collection;

b. Name and full name of the data collection;

c. Per­son with whom the right to infor­ma­ti­on can be asserted;

d. Pur­po­se of Data Collection;

e. Cate­go­ries of per­so­nal data processed;

f. Cate­go­ries of data recipients;

g. Cate­go­ries of par­ti­ci­pants in the data collec­tion, i.e. third par­ties who may enter data into the data collec­tion and make chan­ges to the data.

2 Each owner of a data collec­tion updates this infor­ma­ti­on on an ongo­ing basis. …

Art. 4 Exemp­ti­ons from the obli­ga­ti­on to register

1 Exempt from the obli­ga­ti­on to regi­ster the data collec­tions are the data collec­tions under Arti­cle 11a (5) let­ters a and c‑f FADP and the fol­lo­wing data collec­tions (Arti­cle 11a (5) let­ter b FADP):

a. Data collec­tions from sup­pliers or custo­mers, inso­far as they do not con­tain any per­so­nal data or per­so­na­li­ty pro­files requi­ring spe­cial protection;

b. Data collec­tions who­se data are used exclu­si­ve­ly for non-per­so­nal pur­po­ses, name­ly in rese­arch, plan­ning and statistics;

c. archi­ved data collec­tions kept only for histo­ri­cal or sci­en­ti­fic purposes;

d. Data collec­tions that con­tain only data that has been made public or that the data sub­ject himself/herself has made gene­ral­ly acces­si­ble and the pro­ces­sing of which he/she has not express­ly prohibited;

e. Data used exclu­si­ve­ly to meet the requi­re­ments of Arti­cle 10;

f. Accoun­ting records;

g. Auxi­li­a­ry data collec­tions for the per­son­nel admi­ni­stra­ti­on of the owner of the data collec­tion, pro­vi­ded they do not con­tain any per­so­nal data or per­so­na­li­ty pro­files requi­ring spe­cial protection.

2 The owner of the data files shall take the necessa­ry mea­su­res to be able to com­mu­ni­ca­te the infor­ma­ti­on (Art. 3 Para. 1) on the data files not sub­ject to the obli­ga­ti­on to regi­ster to the com­mis­sio­ner or the data sub­jects upon request.

Sec­tion 3: Dis­clo­sure abroad

Art. 5 Publi­ca­ti­on in elec­tro­nic form 

If per­so­nal data is made gene­ral­ly avail­ab­le to the public by means of auto­ma­ted infor­ma­ti­on and com­mu­ni­ca­ti­on ser­vices for the pur­po­se of pro­vi­ding infor­ma­ti­on, this shall not be deemed to be a trans­fer abroad.

Art. 6 Trans­pa­ren­cy and information

1 The con­trol­ler of the data file shall inform the Com­mis­sio­ner pri­or to [dis­clo­sure abroad of the gua­ran­tees and data pro­tec­tion rules pur­suant to Arti­cle 6 para­graph 2 let­ters a and g FADP. If the pri­or infor­ma­ti­on is not pos­si­ble, it must be pro­vi­ded immedia­te­ly after disclosure.

2 If the Com­mis­sio­ner has been infor­med of the safe­guards and the data pro­tec­tion rules, the obli­ga­ti­on to inform shall be deemed to have been ful­fil­led for all fur­ther dis­clo­sures that:

a. under the same gua­ran­tees, pro­vi­ded that the cate­go­ries of reci­pi­ents, the pur­po­se of the pro­ces­sing and the cate­go­ries of data remain sub­stan­ti­al­ly unch­an­ged; or

b. take place wit­hin the same legal enti­ty or com­pa­ny or bet­ween legal enti­ties or com­pa­nies under uni­fied manage­ment, to the extent that data pro­tec­tion rules con­ti­nue to pro­vi­de ade­qua­te protection.

3 The infor­ma­ti­on obli­ga­ti­on shall also be deemed to be ful­fil­led if data are trans­mit­ted on the basis of model con­tracts or stan­dard con­trac­tu­al clau­ses drawn up or reco­gni­zed by the com­mis­sio­ner and the com­mis­sio­ner has been infor­med in gene­ral terms by the con­trol­ler of the data file about the use of the­se model con­tracts or stan­dard con­trac­tu­al clau­ses. The com­mis­sio­ner shall publish a list of the model con­tracts and stan­dard con­trac­tu­al clau­ses drawn up or reco­gni­zed by it.

4 The Data Con­trol­ler shall take rea­son­ab­le mea­su­res to ensu­re that the Reci­pi­ent com­plies with the safe­guards and data pro­tec­tion rules.

5 The Com­mis­sio­ner shall exami­ne the gua­ran­tees and data pro­tec­tion rules com­mu­ni­ca­ted to him (Art. 31(1)(e) FADP) and shall noti­fy the con­trol­ler of the data file of the result of his exami­na­ti­on wit­hin 30 days of rece­i­pt of the information.

Art. 7 List of sta­tes with ade­qua­te data pro­tec­tion legislation

The com­mis­sio­ner publishes a list of sta­tes who­se legis­la­ti­on ensu­res ade­qua­te data protection.

Sec­tion 4: Tech­ni­cal and orga­niz­a­tio­nal measures

Art. 8 Gene­ral measures

1 Anyo­ne who pro­ces­ses per­so­nal data or pro­vi­des a data com­mu­ni­ca­ti­ons net­work as a pri­va­te indi­vi­du­al shall ensu­re the con­fi­dentia­li­ty, avai­la­bi­li­ty and inte­gri­ty of the data in order to gua­ran­tee ade­qua­te data pro­tec­tion. In par­ti­cu­lar, he pro­tects the systems against the fol­lo­wing risks:

a. unaut­ho­ri­zed or acci­den­tal destruction;

b. acci­den­tal loss;

c. tech­ni­cal errors;

d. For­ge­ry, theft or unlaw­ful use;

e. unaut­ho­ri­zed modi­fi­ca­ti­on, copy­ing, access or other unaut­ho­ri­zed editing.

2 The tech­ni­cal and orga­niz­a­tio­nal mea­su­res must be appro­pria­te. In par­ti­cu­lar, they shall take into account the fol­lo­wing criteria:

a. Pur­po­se of data processing;

b. Natu­re and scope of data processing;

c. Assess­ment of poten­ti­al risks to affec­ted individuals;

d. cur­rent sta­te of the art.

3 The­se mea­su­res are to be review­ed periodically.

Art. 9 Spe­cial measures

1 In par­ti­cu­lar, the data con­trol­ler shall take tech­ni­cal and orga­niz­a­tio­nal mea­su­res for the auto­ma­ted pro­ces­sing of per­so­nal data that are sui­ta­ble to meet the fol­lo­wing objectives:

a. Access con­trol: unaut­ho­ri­zed per­sons shall be denied access to the faci­li­ties whe­re per­so­nal data are processed;

b. Per­so­nal data car­ri­er con­trol: unaut­ho­ri­zed per­sons must be pre­ven­ted from rea­ding, copy­ing, modi­fy­ing or remo­ving data carriers;

c. Trans­port con­trol: during the dis­clo­sure of per­so­nal data as well as during the trans­port of data car­ri­ers, it must be pre­ven­ted that the data can be read, copied, chan­ged or dele­ted without authorization;

d. Dis­clo­sure con­trol: Data reci­pi­ents to whom per­so­nal data is dis­c­lo­sed by means of data trans­mis­si­on equip­ment must be identifiable;

e. Memo­ry con­trol: unaut­ho­ri­zed ent­ry into the memo­ry and unaut­ho­ri­zed viewing, modi­fi­ca­ti­on or dele­ti­on of stored per­so­nal data must be prevented;

f. User con­trol: the use of auto­ma­ted data pro­ces­sing systems by means of data trans­mis­si­on equip­ment by unaut­ho­ri­zed per­sons shall be prevented;

g. Access con­trol: the access of aut­ho­ri­zed per­sons shall be limi­ted to tho­se per­so­nal data they need to ful­fill their task;

h. Input con­trol: in auto­ma­ted systems, it must be pos­si­ble to check retro­spec­tively which per­so­nal data was ente­red at what time and by which person.

2 The data collec­tions shall be desi­gned in such a way that the data sub­jects can exer­cise their right of access and their right of rectification.

Art. 10 Logging

1 The con­trol­ler of the data file shall log the auto­ma­ted pro­ces­sing of per­so­nal data or per­so­na­li­ty pro­files requi­ring spe­cial pro­tec­tion if the pre­ven­ti­ve mea­su­res can­not gua­ran­tee data pro­tec­tion. Log­ging must be car­ri­ed out in par­ti­cu­lar if it can­not other­wi­se be deter­mi­ned retro­spec­tively whe­ther the data was pro­ces­sed for the pur­po­ses for which it was collec­ted or dis­c­lo­sed. The commissioner14 may also recom­mend log­ging for other pro­ces­sing operations.

2 The minu­tes shall be recor­ded in an audita­ble man­ner for a peri­od of one year. They are acces­si­ble exclu­si­ve­ly to the bodies or pri­va­te per­sons who are respon­si­ble for moni­to­ring data pro­tec­tion regu­la­ti­ons and may be used only for this purpose.

Art. 11 Pro­ces­sing regulations

1 The con­trol­ler of an auto­ma­ted data file sub­ject to noti­fi­ca­ti­on ([Art. 11a para. 3 FADP) that is not exempt from the noti­fi­ca­ti­on requi­re­ment on the basis of Arti­cle 11a para. 5 let­ters b‑d FADP shall draw up pro­ces­sing regu­la­ti­ons that descri­be in par­ti­cu­lar the inter­nal orga­niz­a­ti­on as well as the data pro­ces­sing and con­trol pro­ce­du­re and con­tain the docu­ments rela­ting to the plan­ning, rea­liz­a­ti­on and ope­ra­ti­on of the data file and the IT resources.

2 The con­trol­ler of the data file shall update the regu­la­ti­ons regu­lar­ly. He shall make it avail­ab­le to the com­mis­sio­ner or the data pro­tec­tion offi­cer pur­suant to Arti­cle 11a (5) let­ter e FADP on requ­est in a form that they can understand.

Art. 12 Dis­clo­sure of data

The data con­trol­ler shall noti­fy the data reci­pi­ent of the time­li­ness and relia­bi­li­ty of the per­so­nal data dis­c­lo­sed by the data con­trol­ler, unless this infor­ma­ti­on is appa­rent from the data its­elf or from the circumstances.

Sec­tion 5: Data Pro­tec­tion Officer

Art. 12a Desi­gna­ti­on of the data pro­tec­tion offi­cer and noti­fi­ca­ti­on to the commissioner

1 If the con­trol­ler of the data file wis­hes to be exemp­ted from the obli­ga­ti­on to regi­ster the data file pur­suant to Arti­cle 11a para­graph 5 let­ter e FADP, he must:

a. desi­gna­te an ope­ra­tio­nal data pro­tec­tion offi­cer who meets the requi­re­ments of para­graph 2 and of Arti­cle 12b; and

b. inform the Com­mis­sio­ner of the desi­gna­ti­on of the data pro­tec­tion officer.

2 The owner of the data collec­tion may desi­gna­te an employee or a third par­ty as data pro­tec­tion offi­cer. This per­son may not per­form any other acti­vi­ties that are incom­pa­ti­ble with his/her duties as data pro­tec­tion offi­cer and must have the requi­red expertise.

Art. 12b Tasks and posi­ti­on of the data pro­tec­tion officer

1 The data pro­tec­tion offi­cer has the fol­lo­wing tasks in particular:

a. It reviews the pro­ces­sing of per­so­nal data and recom­mends cor­rec­ti­ve mea­su­res if it finds that data pro­tec­tion regu­la­ti­ons have been violated.

b. It shall main­tain a list of the data files pur­suant to Arti­cle 11a para­graph 3 FADP kept by the data file owner; this list shall be made avail­ab­le to the com­mis­sio­ner or to data sub­jects who sub­mit a requ­est to this effect.

2 The Data Pro­tec­tion Officer:

a. exer­cises his func­tion in a pro­fes­sio­nal­ly inde­pen­dent man­ner, without being sub­ject to inst­ruc­tions from the owner of the data collec­tion in this respect;

b. has the resour­ces necessa­ry to per­form its duties;

c. has access to all data collec­tions and data pro­ces­sing, as well as to all infor­ma­ti­on he needs to ful­fill his task.

Chap­ter 2: Pro­ces­sing of Per­so­nal Data by Federal Bodies

Sec­tion 1: Right to information

Art. 13 Modalities

Arti­cles 1 and 2 shall app­ly muta­tis mutan­dis to requests for infor­ma­ti­on addres­sed to federal bodies.

Art. 14 Requests for infor­ma­ti­on to Swiss diplo­ma­tic mis­si­ons abroad

1 Switzerland’s repre­sen­ta­ti­ons abroad and its mis­si­ons to the Euro­pean Com­mu­nities and to inter­na­tio­nal orga­niz­a­ti­ons shall for­ward requests for infor­ma­ti­on sub­mit­ted to them to the com­pe­tent office in the Federal Depart­ment of For­eign Affairs. The Depart­ment regu­la­tes the responsibilities.

2 In all other respects, the pro­vi­si­ons of the Ordi­nan­ce of 10 Decem­ber 2004 on Mili­ta­ry Con­trol app­ly to requests for infor­ma­ti­on on mili­ta­ry con­trol abroad.

Art. 15

Sec­tion 2: Regi­stra­ti­on of data collections

Art. 16 Registration

1 The respon­si­ble federal bodies (Art. 16 FADP) shall noti­fy the Com­mis­sio­ner of all data collec­tions they main­tain befo­re they are ope­ned. The noti­fi­ca­ti­on shall con­tain the fol­lo­wing information:

a. Name and address of the respon­si­ble federal body;

b. Name and full name of the data collection;

c. the body to which the right of access may be asserted;

d. Legal basis and pur­po­se of data collection;

e. Cate­go­ries of per­so­nal data processed;

f. Cate­go­ries of reci­pi­ents of the data;

g. Cate­go­ries of par­ti­ci­pants in the data collec­tion, i.e. third par­ties who may enter and modi­fy data in a data collection.

h.

2 The respon­si­ble federal body updates this infor­ma­ti­on on an ongo­ing basis.

Art. 17

Art. 18 Exemp­ti­ons from the obli­ga­ti­on to register

1 The fol­lo­wing data collec­tions are not sub­ject to the obli­ga­ti­on to regi­ster, pro­vi­ded that the federal bodies use them exclu­si­ve­ly for inter­nal admi­ni­stra­ti­ve purposes:

a. Cor­re­spon­dence registries;

b. Data collec­tions from sup­pliers or custo­mers, inso­far as they do not con­tain any per­so­nal data or per­so­na­li­ty pro­files requi­ring spe­cial protection;

c. Address collec­tions that are used sole­ly for addres­sing pur­po­ses, pro­vi­ded they do not con­tain any per­so­nal data or per­so­na­li­ty pro­files that requi­re spe­cial protection;

d. Lists for com­pen­sa­ti­on payments;

e. Accoun­ting records;

f. Auxi­li­a­ry data collec­tions for federal per­son­nel admi­ni­stra­ti­on, inso­far as they do not con­tain any per­so­nal data or per­so­na­li­ty pro­files requi­ring spe­cial protection;

g. Libra­ry data collec­tions (aut­hor cata­logs, bor­rower and user directories).

2 Also not sub­ject to the regi­stra­ti­on requirement:

a. Data collec­tions archi­ved at the Federal Archives;

b. Data collec­tions made avail­ab­le to the public in the form of directories;

c. Data collec­tions who­se data are used exclu­si­ve­ly for non-per­so­nal pur­po­ses, name­ly in rese­arch, plan­ning and statistics.

3 The federal body respon­si­ble shall take the necessa­ry mea­su­res to be able to com­mu­ni­ca­te the infor­ma­ti­on (Art. 16 para. 1) on data files not sub­ject to the obli­ga­ti­on to decla­re to the Com­mis­sio­ner or to the data sub­jects upon request.

Sec­tion 3: Dis­clo­sure abroad

Art. 19

If a federal body dis­c­lo­ses per­so­nal data abroad on the basis of Arti­cle 6 para­graph 2 let­ter a FADP, Arti­cle 6 shall apply.

Sec­tion 4: Tech­ni­cal and orga­niz­a­tio­nal measures

Art. 20 Principles

1 The federal bodies respon­si­ble shall take the tech­ni­cal and orga­niz­a­tio­nal mea­su­res requi­red in accordance with Arti­cles 8 – 10 to pro­tect the per­so­na­li­ty and fun­da­men­tal rights of the per­sons about whom data are pro­ces­sed. In the case of auto­ma­ted data pro­ces­sing, the federal bodies shall coope­ra­te with the Federal Stra­te­gy Unit for IT (FSUIT).

2 The federal bodies respon­si­ble shall noti­fy the data pro­tec­tion offi­cer pur­suant to Arti­cle 11a para­graph 5 let­ter e FADP or, if the­re is no such offi­cer, the Com­mis­sio­ner without delay of all pro­jects invol­ving the auto­ma­ted pro­ces­sing of per­so­nal data so that the requi­re­ments of data pro­tec­tion are taken into account immedia­te­ly. The noti­fi­ca­ti­on to the Com­mis­sio­ner shall be made via the FSUIT if the pro­ject must also be noti­fied to the latter.

3 The Com­mis­sio­ner and the FSUIT shall coope­ra­te wit­hin the frame­work of their acti­vi­ties con­cer­ning tech­ni­cal mea­su­res. The Com­mis­sio­ner shall obtain the opi­ni­on of the FSUIT befo­re recom­men­ding such measures.

4 In all other respects, the direc­ti­ves issued by the respon­si­ble federal bodies on the basis of the Federal IT Ordi­nan­ce of Sep­tem­ber 26, 2003 are applicable.

Art. 21 Pro­ces­sing regulations

1 The respon­si­ble federal bodies shall estab­lish pro­ces­sing regu­la­ti­ons for auto­ma­ted data collec­tions that:

a. con­tain par­ti­cu­lar­ly sen­si­ti­ve data or per­so­na­li­ty profiles;

b. be used by several federal bodies;

c. made avail­ab­le to can­tons, for­eign aut­ho­ri­ties, inter­na­tio­nal orga­niz­a­ti­ons or pri­va­te per­sons; or

d. are lin­ked to other data collections.

2 The respon­si­ble federal body defi­nes its inter­nal orga­niz­a­ti­on in the pro­ces­sing regu­la­ti­ons. The­se regu­la­ti­ons descri­be in par­ti­cu­lar the data pro­ces­sing and con­trol pro­ce­du­res and con­tain all the docu­ments rela­ting to the plan­ning, imple­men­ta­ti­on and ope­ra­ti­on of the data collec­tion. The regu­la­ti­ons con­tain the infor­ma­ti­on requi­red for the reporting obli­ga­ti­on (Art. 16) as well as infor­ma­ti­on on:

a. the body respon­si­ble for data pro­tec­tion and data secu­ri­ty of the data;

b. the ori­gin of the data;

c. the pur­po­ses for which the data are regu­lar­ly disclosed;

d. the con­trol pro­ce­du­res and in par­ti­cu­lar the tech­ni­cal and orga­niz­a­tio­nal mea­su­res pur­suant to Arti­cle 20;

e. the descrip­ti­on of the data fiel­ds and the orga­niz­a­tio­nal units that have access to them;

f. The natu­re and extent of access by users of the data collection;

g. the data pro­ces­sing pro­ce­du­res, in par­ti­cu­lar tho­se rela­ting to the rec­ti­fi­ca­ti­on, blocking, anony­miz­a­ti­on, sto­rage, reten­ti­on, archi­ving or dest­ruc­tion of the data;

h. the con­fi­gu­ra­ti­on of the infor­ma­tics means;

i. the pro­ce­du­re for exer­ci­s­ing the right to information.

3 The regu­la­ti­ons are updated regu­lar­ly. It is made avail­ab­le to the respon­si­ble con­trol bodies in a form that they can understand.

“h4″ class=“collapseomatic ” id=“id62f10b977ef34” tabindex=“0” title=”“Art.” >“Art.

1

2 The federal body that has per­so­nal data pro­ces­sed by third par­ties remains respon­si­ble for data pro­tec­tion. It shall ensu­re that the data are pro­ces­sed in accordance with the man­da­te, in par­ti­cu­lar with regard to their use and disclosure.

3 If the third par­ty is not sub­ject to the FADP, the respon­si­ble body shall ensu­re that other legal pro­vi­si­ons gua­ran­tee equi­va­lent data pro­tec­tion, other­wi­se it shall ensu­re this by con­trac­tu­al means.

Art. 23 Advi­sor for data protection

1 The Federal Chan­cel­le­ry and the depart­ments shall each desi­gna­te at least one advi­sor for data pro­tec­tion. This advi­sor has the fol­lo­wing tasks:

a. Sup­port of the respon­si­ble bodies and users;

b. Pro­mo­te infor­ma­ti­on and trai­ning of employees;

c. Par­ti­ci­pa­te in the enfor­ce­ment of data pro­tec­tion regulations.

2 If federal bodies wish to be exemp­ted from the obli­ga­ti­on to regi­ster their data files pur­suant to Arti­cle 11a para­graph 5 let­ter e FADP, Arti­cles 12a and 12b shall apply.

3 Federal agen­ci­es com­mu­ni­ca­te with the Com­mis­sio­ner through the Consultant.

Sec­tion 5: Spe­cial provisions

Art. 24 Obtai­ning per­so­nal data

If the per­son que­stio­ned is not obli­ged to pro­vi­de infor­ma­ti­on, the federal body syste­ma­ti­cal­ly obtai­ning the per­so­nal data by means of a que­sti­onn­aire must inform him or her that the pro­vi­si­on of infor­ma­ti­on is voluntary.

Art. 25 Per­so­nal iden­ti­fi­ca­ti­on number

1 The federal body that intro­du­ces a per­so­nal iden­ti­fi­ca­ti­on num­ber for the manage­ment of its data collec­tion crea­tes a non-spea­king num­ber that is used in its own field of acti­vi­ty. A non-spea­king num­ber is any uni­que or rever­si­b­ly uni­que sum of cha­rac­ters assi­gned to each per­son regi­stered in a data collec­tion, from which no con­clu­si­ons can be drawn about the person.

2 The use of the per­so­nal iden­ti­fi­ca­ti­on num­ber by other federal or can­to­nal bodies and by pri­va­te per­sons must be aut­ho­ri­zed by the federal body concerned.

3 Aut­ho­riz­a­ti­on may be gran­ted if the­re is a clo­se con­nec­tion bet­ween the inten­ded data pro­ces­sing and the data pro­ces­sing for which the per­so­nal iden­ti­fi­ca­ti­on num­ber was created.

4 In all other respects, the use of the AHV num­ber is gover­ned by AHV legislation.

Art. 26 Dis­clo­sure of data

The respon­si­ble federal body shall noti­fy the data reci­pi­ent of the time­li­ness and relia­bi­li­ty of the per­so­nal data dis­c­lo­sed by it, unless this infor­ma­ti­on is evi­dent from the data its­elf or from the circumstances.

Art. 27 Pro­ce­du­re for the appro­val of pilot trials

1 Pri­or to con­sul­ting the inte­re­sted admi­ni­stra­ti­ve units, the federal body respon­si­ble for the pilot test shall set out for the atten­ti­on of the Com­mis­sio­ner how com­pli­an­ce with the requi­re­ments under Arti­cle 17a FADP is to be ensu­red and shall invi­te the Com­mis­sio­ner to sub­mit comments.

2 The Com­mis­sio­ner shall com­ment on whe­ther the licen­sing requi­re­ments under Arti­cle 17a para­graphs 1 and 2 FADP are met. The com­pe­tent federal body shall pro­vi­de him with all docu­ments necessa­ry for this pur­po­se, in particular:

a. A gene­ral descrip­ti­on of the pilot test;

b. a report pro­ving that the ful­fill­ment of the tasks pro­vi­ded for by law requi­res the pro­ces­sing of per­so­nal data or per­so­na­li­ty pro­files requi­ring spe­cial pro­tec­tion and that a test pha­se is man­da­to­ry in the for­mal sen­se befo­re the law enters into for­ce (Art. 17a para. 1 let. c FADP);

c. a descrip­ti­on of the inter­nal orga­niz­a­ti­on and the data pro­ces­sing and con­trol pro­ce­du­res (Art. 21);

d. a descrip­ti­on of the secu­ri­ty and data pro­tec­tion measures;

e. the draft or con­cept of an ordi­nan­ce regu­la­ting the details of processing;

f. the infor­ma­ti­on con­cer­ning the plan­ning of the dif­fe­rent pha­ses of the pilot test.

3 The com­mis­sio­ner may requ­est fur­ther docu­ments and make addi­tio­nal clarifications.

4 The com­pe­tent federal body shall inform the Com­mis­sio­ner of any important chan­ge affec­ting com­pli­an­ce with the requi­re­ments of Arti­cle 17a FADP. The Com­mis­sio­ner shall com­ment again if necessary.

5 The opi­ni­on of the com­mis­sio­ner shall be atta­ched to the app­li­ca­ti­on to the Federal Council.

Art. 27a Eva­lua­ti­on report for pilot tests

The com­pe­tent federal body shall sub­mit the draft eva­lua­ti­on report to the Federal Coun­cil (Art. 17a Para. 4 FADP) for the Commissioner’s opi­ni­on. The commissioner’s opi­ni­on shall be brought to the atten­ti­on of the Federal Council.

Chap­ter 3: Regi­ster of Data Collec­tions, Federal Data Pro­tec­tion and Infor­ma­ti­on Com­mis­sio­ner and Pro­ce­e­dings befo­re the Federal Admi­ni­stra­ti­ve Court

Sec­tion 1: Regi­ster and regi­stra­ti­on of data collections

Art. 28 Regi­ster of data collections

1 The regi­ster kept by the Com­mis­sio­ner shall con­tain the infor­ma­ti­on refer­red to in Arti­cles 3 and 16.

2 The regi­ster is acces­si­ble to the public online. The com­mis­sio­ner shall pro­vi­de excerp­ts free of char­ge upon request.

3 The Com­mis­sio­ner shall main­tain a list of data file owners who are exempt from their obli­ga­ti­on to regi­ster data files in accordance with Arti­cle 11a para­graph 5 let­ters e and f FADP. This direc­to­ry is acces­si­ble to the public online.

4 If the owner of the data file does not regi­ster his data file or does not regi­ster it com­ple­te­ly, the com­mis­sio­ner shall set him a dead­line to com­ply with his obli­ga­ti­ons. After expi­ry of the dead­line, he may, on the basis of the infor­ma­ti­on avail­ab­le to him, regi­ster the data file ex offi­cio or recom­mend that it be discontinued.

Art. 29

Sec­tion 2: [Federal Data Pro­tec­tion and Infor­ma­ti­on Commissioner

Art. 30 Seat and legal status

1 The seat and secre­ta­ri­at of the com­mis­sio­ner are loca­ted in Bern.

2 The employ­ment rela­ti­ons­hip of the secre­ta­ri­at of the Com­mis­sio­ner is gover­ned by the Federal Per­son­nel Act of March 24, 2000 and its imple­men­ting provisions.

3 The Commissioner’s bud­get is listed in a spe­cial sec­tion of the Chancellor’s Office budget.

Art. 31 Rela­ti­ons with other aut­ho­ri­ties and pri­va­te persons

1 The Com­mis­sio­ner shall com­mu­ni­ca­te with the Bun­des­rat through the Federal Chan­cellor. The lat­ter shall for­ward all recom­men­da­ti­ons and reports of the Com­mis­sio­ner to the Bun­des­rat, even if he can­not agree with them.

1bis The Com­mis­sio­ner shall trans­mit the reports inten­ded for the Federal Assem­bly direct­ly to the Par­lia­men­ta­ry Services.

2 The Com­mis­sio­ner shall com­mu­ni­ca­te direct­ly with the other admi­ni­stra­ti­ve units, the federal courts, for­eign data pro­tec­tion aut­ho­ri­ties and with all other aut­ho­ri­ties and pri­va­te per­sons sub­ject to federal data pro­tec­tion legis­la­ti­on or legis­la­ti­on on the princip­le of admi­ni­stra­ti­ve openness.

Art. 32 Documentation

1 The federal bodies shall sub­mit to the Com­mis­sio­ner all draft legis­la­ti­on rela­ting to the pro­ces­sing of per­so­nal data, data pro­tec­tion and access to offi­cial docu­ments. In the area of data pro­tec­tion, the depart­ments and the Federal Chan­cel­le­ry noti­fy him of their deci­si­ons in anony­mi­zed form as well as their guidelines.

2 The com­mis­sio­ner must have docu­men­ta­ti­on suf­fi­ci­ent for his acti­vi­ty. He shall ope­ra­te an inde­pen­dent infor­ma­ti­on and docu­men­ta­ti­on system for the manage­ment, index­ing and con­trol of cor­re­spon­dence and dos­siers, as well as for the publi­ca­ti­on of infor­ma­ti­on of gene­ral inte­rest and the regi­ster of data collec­tions on the Internet.

3 The Federal Admi­ni­stra­ti­ve Court has access to the sci­en­ti­fic docu­men­ta­ti­on of the Commissioner.

Art. 33 Fees

1 A fee is char­ged for the expert opi­ni­ons (Art. 28 FADP) of the com­mis­sio­ner. The pro­vi­si­ons of the Gene­ral Fees Ordi­nan­ce of 8 Sep­tem­ber 2004 are applicable.

2 No fee is char­ged to admi­ni­stra­ti­ve units of the Con­fe­de­ra­ti­on, aut­ho­ri­ties and cantons.

Art. 34 Checking the pro­ces­sing of per­so­nal data

1 For the cla­ri­fi­ca­ti­on of the facts pur­suant to Arti­cles 27 and 29 FADP, in par­ti­cu­lar when checking the law­ful­ness of the data pro­ces­sing, the Com­mis­sio­ner may requ­est the fol­lo­wing infor­ma­ti­on in par­ti­cu­lar from the con­trol­ler of the data file:

a. tech­ni­cal and orga­niz­a­tio­nal mea­su­res (Art. 8 – 10, 20) that have been taken or are planned;

b. the regu­la­ti­ons con­cer­ning the cor­rec­tion, blocking, anony­miz­a­ti­on, sto­rage, reten­ti­on and dest­ruc­tion of per­so­nal data;

c. the con­fi­gu­ra­ti­on of the infor­ma­tics means;

d. the links with other data collections;

e. the method of dis­clo­sure of the data;

f. the descrip­ti­on of the data fiel­ds and the orga­niz­a­tio­nal units that have access to them;

g. The type and extent of user access to data in the data collection.

2 In the case of dis­clo­sures abroad, the com­mis­sio­ner may requ­est addi­tio­nal infor­ma­ti­on, in par­ti­cu­lar about the pro­ces­sing pos­si­bi­li­ties of the data reci­pi­ent or about the mea­su­res taken for data protection.

Sec­tion 3: Pro­ce­e­dings befo­re the Federal Admi­ni­stra­ti­ve Court

Art. 35

1 The Federal Admi­ni­stra­ti­ve Court may requ­est that data pro­ces­sing ope­ra­ti­ons be sub­mit­ted to it.

2 It shall noti­fy the com­mis­sio­ner of its decisions.

Chap­ter 4: Final Provisions

Art. 36 Amend­ment of the pre­vious law

[…]

Art. 37 Tran­si­tio­nal provisions

1 Data collec­tions in pro­cess at the time of enact­ment of the Pri­va­cy Act and this regu­la­ti­on shall be regi­stered with the Com­mis­sio­ner by June 30, 1994.

2 The tech­ni­cal and orga­niz­a­tio­nal mea­su­res (Arti­cles 8 – 11, 20 and 21) must be imple­men­ted wit­hin five years of the ent­ry into for­ce of this Ordi­nan­ce for all auto­ma­ted pro­ces­sing and data collection.

Art. 38 Ent­ry into force

This Regu­la­ti­on shall enter into for­ce on July 1, 1993.

Table of Contents