DSG auf Englisch

Die Über­set­zung ins Eng­li­sche stammt von Hugh Ree­ves und Corin­ne Gil­gen (bei­de Wal­der Wyss). Sie kann unter einer CC BY-ND 4.0‑Lizenz ver­wen­det wer­den. Eine Fas­sung als PDF fin­det sich hier. Die deut­sche Fas­sung fin­det sich hier.
aus­klap­pen | ein­klap­pen

Chap­ter 1: Pur­po­se, Scope and Super­vi­so­ry Aut­ho­ri­ty of the Confederation

Art. 1 Purpose

This Act aims to pro­tect the per­so­na­li­ty rights and the fun­da­men­tal rights of natu­ral per­sons who­se per­so­nal data is processed. 

Art. 2 Per­so­nal and mate­ri­al scope

1 This Act applies to the pro­ce­s­sing of per­so­nal data per­tai­ning to natu­ral per­sons by:
a. pri­va­te persons;
b. fede­ral bodies.
2 It does not app­ly to:
a. per­so­nal data that is pro­ce­s­sed by a natu­ral per­son exclu­si­ve­ly for per­so­nal use;
b. per­so­nal data that is pro­ce­s­sed by the Fede­ral Cham­bers and par­lia­men­ta­ry com­mit­tees in con­nec­tion with their deliberations;
c. per­so­nal data that is pro­ce­s­sed by insti­tu­tio­nal bene­fi­ci­a­ries accor­ding to Artic­le 2 para­graph 1 of the Host Sta­te Act of 22 June 2007, which enjoy immu­ni­ty in Switzerland.
3 The pro­ce­s­sing of per­so­nal data and the rights of the data sub­jects in court pro­ce­e­dings and pro­ce­e­dings gover­ned by the fede­ral rules of pro­ce­du­re are gover­ned by the appli­ca­ble pro­ce­du­re law. The pre­sent Act applies to first instance admi­ni­stra­ti­ve proceedings.
4 The public regi­sters per­tai­ning to pri­va­te law rela­ti­on­ships, in par­ti­cu­lar the access to the­se regi­sters and the rights of the data sub­jects, are gover­ned by the spe­cial pro­vi­si­ons of the appli­ca­ble fede­ral law. If the spe­cial pro­vi­si­ons do not con­tain any rules, this Act shall apply.

Art. 3 Ter­ri­to­ri­al scope

1 This Act is appli­ca­ble to fact pat­terns that have an effect in Switz­er­land, even if they occur­red abroad.
2 The Fede­ral Act of 18 Decem­ber 1987 on Pri­va­te Inter­na­tio­nal Law applies to claims under civil law. The pro­vi­si­ons on the ter­ri­to­ri­al scope of the Swiss Cri­mi­nal Code remain reserved.

Art. 4 Fede­ral Data Pro­tec­tion and Infor­ma­ti­on Commissioner

1 The Fede­ral Data Pro­tec­tion and Infor­ma­ti­on Com­mis­sio­ner (FDPIC) super­vi­ses the pro­per appli­ca­ti­on of the fede­ral data pro­tec­tion regulations.
2 The fol­lo­wing are exclu­ded from the FDPIC’s super­vi­si­on:
a. the Fede­ral Assembly;
b. the Fede­ral Council;
c. the fede­ral courts;
d. the Office of the Att­or­ney Gene­ral of the Con­fe­de­ra­ti­on as regards the pro­ce­s­sing of per­so­nal data in cri­mi­nal proceedings;
e. fede­ral aut­ho­ri­ties as regards the pro­ce­s­sing of per­so­nal data in the con­text of a juris­dic­tion­al acti­vi­ty or of inter­na­tio­nal mutu­al assi­stance pro­ce­e­dings in cri­mi­nal matters.

Chap­ter 2: Gene­ral Provisions

Sec­tion 1 Defi­ni­ti­ons and Principles

Art. 5 Definitions

The fol­lo­wing defi­ni­ti­ons app­ly in this Act:
a. per­so­nal data: all infor­ma­ti­on rela­ting to an iden­ti­fi­ed or iden­ti­fia­ble natu­ral person;
b. data sub­ject: natu­ral per­son who­se per­so­nal data is processed;
c. sen­si­ti­ve per­so­nal data:
1. data on reli­gious, ideo­lo­gi­cal, poli­ti­cal or trade uni­on-rela­ted views or activities,
2. data on health, the inti­ma­te sphe­re or the racial or eth­nic origin,
3. gene­tic data,
4. bio­me­tric data which unequi­vo­cal­ly iden­ti­fi­es a natu­ral person,
5. data on admi­ni­stra­ti­ve or cri­mi­nal pro­ce­e­dings and sanctions,
6. data on social secu­ri­ty measures;
d. pro­ce­s­sing: any ope­ra­ti­on with per­so­nal data, irre­spec­ti­ve of the means and the pro­ce­du­res applied, and in par­ti­cu­lar the coll­ec­tion, recor­ding, sto­rage, use, modi­fi­ca­ti­on, dis­clo­sure, archi­ving, dele­ti­on or des­truc­tion of data;
e. dis­clo­sure: trans­mit­ting or making per­so­nal data accessible;
f. pro­fil­ing: any form of auto­ma­ted pro­ce­s­sing of per­so­nal data con­si­sting of using such data to assess cer­tain per­so­nal aspects rela­ting to a natu­ral per­son, in par­ti­cu­lar to ana­ly­se or pre­dict aspects rela­ting to that natu­ral person’s per­for­mance at work, eco­no­mic situa­ti­on, health, per­so­nal pre­fe­ren­ces, inte­rests, relia­bi­li­ty, beha­viour, loca­ti­on or whereabouts;
g. High-risk pro­fil­ing: pro­fil­ing which invol­ves a high risk to the per­so­na­li­ty or fun­da­men­tal rights of the data sub­ject, as it crea­tes a pai­ring bet­ween data that enables an assess­ment of essen­ti­al aspects of the per­so­na­li­ty of a natu­ral person;
h. data secu­ri­ty breach: a secu­ri­ty breach which leads to an unin­ten­tio­nal or unlawful loss, dele­ti­on, des­truc­tion or modi­fi­ca­ti­on of per­so­nal data or to per­so­nal data being dis­c­lo­sed or made acce­s­si­ble to unaut­ho­ri­sed persons;
i. fede­ral body: fede­ral aut­ho­ri­ty or ser­vice or per­son that is ent­ru­sted with fede­ral public tasks;
j. con­trol­ler: pri­va­te per­son or fede­ral body that alo­ne or joint­ly with others deci­des on the pur­po­se and the means of the processing;
k. pro­ces­sor: pri­va­te per­son or fede­ral body that pro­ce­s­ses per­so­nal data on behalf of the controller.

Art. 6 Principles

1 Per­so­nal data must be pro­ce­s­sed lawfully.
2 Pro­ce­s­sing must be car­ri­ed out in good faith and must be proportionate.
3 Per­so­nal data may only be coll­ec­ted for a spe­ci­fic pur­po­se which is evi­dent to the data sub­ject; per­so­nal data may only be pro­ce­s­sed in a way that is com­pa­ti­ble with such purpose.
4 It is destroy­ed or anony­mi­zed as soon as it is no lon­ger nee­ded with regard to the pur­po­se of the processing.
5 Anyo­ne who pro­ce­s­ses per­so­nal data must ascer­tain that the data is accu­ra­te. He must take all appro­pria­te mea­su­res so that the data which is inac­cu­ra­te or incom­ple­te with regard to the pur­po­ses for which it was coll­ec­ted or pro­ce­s­sed is cor­rec­ted, dele­ted or destroy­ed. The appro­pria­ten­ess of the mea­su­res depends in par­ti­cu­lar on the natu­re and ext­ent of the data pro­ce­s­sing and on the risks which the pro­ce­s­sing ent­ails for the per­so­na­li­ty and fun­da­men­tal rights of the data subjects.
6 If the con­sent of the data sub­ject is requi­red, such con­sent is only valid if it has been given free­ly and for one or seve­ral spe­ci­fic pro­ce­s­sing acti­vi­ties and after ade­qua­te information.
7 Con­sent must be given expli­ci­t­ly for:
a. the pro­ce­s­sing of sen­si­ti­ve per­so­nal data;
b. high-risk pro­fil­ing by a pri­va­te per­son; or
c. pro­fil­ing by a fede­ral body.

Art. 7 Data pro­tec­tion by design and by default

1 The con­trol­ler must set up tech­ni­cal and orga­ni­sa­tio­nal mea­su­res in order for the data pro­ce­s­sing to meet the data pro­tec­tion regu­la­ti­ons and in par­ti­cu­lar the prin­ci­ples set out in Artic­le 6. It con­siders this obli­ga­ti­on from the plan­ning of the processing.
2 The tech­ni­cal and orga­ni­sa­tio­nal mea­su­res must be appro­pria­te in par­ti­cu­lar with regard to the sta­te of the art, the type and ext­ent of pro­ce­s­sing, as well as the risks that the pro­ce­s­sing at hand poses to the per­so­na­li­ty and the fun­da­men­tal rights of the data subjects.
3 The con­trol­ler is addi­tio­nal­ly bound to ensu­re through appro­pria­te pre-defi­ned set­tings that the pro­ce­s­sing of the per­so­nal data is limi­t­ed to the mini­mum requi­red by the pur­po­se, unless the data sub­ject directs otherwise.

Art. 8 Data security

1 The con­trol­ler and the pro­ces­sor must ensu­re, through ade­qua­te tech­ni­cal and orga­ni­sa­tio­nal mea­su­res, secu­ri­ty of the per­so­nal data that appro­pria­te­ly addres­ses the risk.
2 The mea­su­res must enable the avo­id­ance of data secu­ri­ty breaches.
3 The Fede­ral Coun­cil shall issue pro­vi­si­ons on the mini­mum requi­re­ments for data security.

Art. 9 Data pro­ce­s­sing by processors

1 The pro­ce­s­sing of per­so­nal data may be assi­gned by agree­ment or by legis­la­ti­on to a pro­ces­sor if:
a. the data is pro­ce­s­sed only in a man­ner per­mit­ted for the con­trol­ler its­elf; and
b. no sta­tu­to­ry or con­trac­tu­al duty of con­fi­den­tia­li­ty pro­hi­bits the assignment.
2 The con­trol­ler must ensu­re in par­ti­cu­lar that the pro­ces­sor is able to gua­ran­tee data security.
3 The pro­ces­sor may only assign the pro­ce­s­sing to a third par­ty with the pri­or aut­ho­ri­sa­ti­on of the controller.
4 It may invo­ke the same justi­fi­ca­ti­ons as the controller.

Art. 10 Data pro­tec­tion advisor 

1 Pri­va­te con­trol­lers may appoint a data pro­tec­tion advisor.
2 The data pro­tec­tion advi­sor is the cont­act point for the data sub­jects and for the com­pe­tent data pro­tec­tion aut­ho­ri­ties respon­si­ble for data pro­tec­tion mat­ters in Switz­er­land. In par­ti­cu­lar, he or she has the fol­lo­wing duties:
a. to train and advi­se the pri­va­te con­trol­ler in mat­ters of data protection;
b. the par­ti­ci­pa­ti­on in the enforce­ment of data pro­tec­tion regulations.
3 Pri­va­te con­trol­lers may invo­ke the excep­ti­on set out in Artic­le 23 para­graph 4 if the fol­lo­wing requi­re­ments are ful­fil­led:
a. the data pro­tec­tion advi­sor per­forms his func­tion towards the con­trol­ler in a pro­fes­sio­nal­ly inde­pen­dent man­ner and wit­hout being bound by instructions;
b. he does not per­form any acti­vi­ties which are incom­pa­ti­ble with his tasks as data pro­tec­tion advisor;
c. he pos­s­es­ses the neces­sa­ry pro­fes­sio­nal knowledge;
d. the con­trol­ler publishes the cont­act details of the data pro­tec­tion advi­sor and com­mu­ni­ca­tes them to the FDPIC.
4 The Fede­ral Coun­cil regu­la­tes the appoint­ment of data pro­tec­tion advi­sors by the fede­ral bodies.

Art. 11 Codes of conduct

1 Pro­fes­sio­nal asso­cia­ti­ons, indu­stry asso­cia­ti­ons and busi­ness asso­cia­ti­ons who­se sta­tu­tes entit­le them to defend the eco­no­mic inte­rests of their mem­bers, as well as fede­ral bodies, may sub­mit codes of con­duct to the FDPIC.
2 The FDPIC sta­tes his opi­ni­on on the codes of con­duct and publishes his opinion.

Art. 12 Inven­to­ry of pro­ce­s­sing activities

1 The con­trol­lers and the pro­ces­sors each keep an inven­to­ry of their pro­ce­s­sing activities.
2 The controller’s inven­to­ry con­ta­ins at least the fol­lo­wing infor­ma­ti­on:
a. the controller’s identity;
b. the pur­po­se of the processing;
c. a descrip­ti­on of the cate­go­ries of data sub­jects and the cate­go­ries of the pro­ce­s­sed per­so­nal data;
d. the cate­go­ries of the recipients;
e. if pos­si­ble the peri­od of sto­rage of the per­so­nal data or the cri­te­ria to deter­mi­ne the peri­od of storage;
f. if pos­si­ble a gene­ral descrip­ti­on of the mea­su­res to gua­ran­tee data secu­ri­ty pur­su­ant to Artic­le 8;
g. in case of dis­clo­sure of data abroad, the name of the sta­te in que­sti­on and the gua­ran­tees accor­ding to Artic­le 16 para­graph 2.
3 The processor’s inven­to­ry con­ta­ins infor­ma­ti­on on the iden­ti­ty of the pro­ces­sor and of the con­trol­ler, the cate­go­ries of pro­ce­s­sing acti­vi­ties per­for­med on behalf of the con­trol­ler as well as the infor­ma­ti­on fore­seen in para­graph 2 let­ters f and g.
4 The fede­ral bodies noti­fy the FDPIC of their inventories.
5 The Fede­ral Coun­cil pro­vi­des for excep­ti­ons for com­pa­nies that have less than 250 mem­bers of staff and who­se pro­ce­s­sing ent­ails only a low risk of inf­rin­ging the per­so­na­li­ty of the data subjects

Art. 13 Certification

1 The pro­vi­ders of data pro­ce­s­sing systems or soft­ware as well as the con­trol­lers and the pro­ces­sors may sub­mit their systems, their pro­ducts and their ser­vices for eva­lua­ti­on by reco­g­nis­ed inde­pen­dent cer­ti­fi­ca­ti­on organisations.
2 The Fede­ral Coun­cil issues regu­la­ti­ons on the reco­gni­ti­on of cer­ti­fi­ca­ti­on pro­ce­du­res and the intro­duc­tion of a data pro­tec­tion qua­li­ty label. In doing so, it shall take into account inter­na­tio­nal law and inter­na­tio­nal­ly reco­g­nis­ed tech­ni­cal norms.

Sec­tion 2 Data pro­ce­s­sing by pri­va­te con­trol­lers with regi­stered office or resi­dence abroad

Art. 14 Representative

1 Pri­va­te con­trol­lers with their domic­i­le or resi­dence abroad desi­gna­te a repre­sen­ta­ti­ve in Switz­er­land if they pro­cess per­so­nal data of per­sons in Switz­er­land and the data pro­ce­s­sing ful­fils the fol­lo­wing requi­re­ments:
a. The data pro­ce­s­sing is con­nec­ted to offe­ring goods or ser­vices in Switz­er­land or to moni­to­ring the beha­viour of the­se persons.
b. The pro­ce­s­sing is extensive.
c. It is a regu­lar processing.
d. The pro­ce­s­sing invol­ves a high risk for the per­so­na­li­ty of the data subjects.
2 The repre­sen­ta­ti­ve ser­ves as a cont­act point for the data sub­jects and the FDPIC.
3 The con­trol­ler publishes the name and address of the representative.

Art. 15 Duties of the Representative

1 The repre­sen­ta­ti­on office shall keep a regi­ster of the pro­ce­s­sing acti­vi­ties of the con­trol­ler, which con­ta­ins the infor­ma­ti­on spe­ci­fi­ed in Artic­le 12 para­graph 2.
2 On request, it shall pro­vi­de the FDPIC with the infor­ma­ti­on con­tai­ned in the register.
3 On request, it shall pro­vi­de the data sub­ject with infor­ma­ti­on on how to exer­cise his rights.

Sec­tion 3 Cross-Bor­der Dis­clo­sure of Per­so­nal Data

Art. 16 Principles 

1 Per­so­nal data may be dis­c­lo­sed abroad if the Fede­ral Coun­cil has deter­mi­ned that the legis­la­ti­on of the rele­vant Sta­te or inter­na­tio­nal body gua­ran­tees an ade­qua­te level of protection.
2 In the absence of such a decis­i­on by the Fede­ral Coun­cil under para­graph 1, per­so­nal data may be dis­c­lo­sed abroad only if appro­pria­te pro­tec­tion is gua­ran­teed by:
a. an inter­na­tio­nal treaty;
b. data pro­tec­tion pro­vi­si­ons of a con­tract bet­ween the con­trol­ler or the pro­ces­sor and its con­trac­ting part­ner, which were com­mu­ni­ca­ted before­hand to the FDPIC;
c. spe­ci­fic safe­guards pre­pared by the com­pe­tent fede­ral body and com­mu­ni­ca­ted before­hand to the FDPIC;
d. stan­dard data pro­tec­tion clau­ses pre­vious­ly appro­ved, estab­lished or reco­g­nis­ed by the FDPIC;
e. bin­ding cor­po­ra­te rules on data pro­tec­tion which were pre­vious­ly appro­ved by the FDPIC, or by a for­eign aut­ho­ri­ty which is respon­si­ble for data pro­tec­tion and belongs to a sta­te which gua­ran­tees ade­qua­te protection.
3 The Fede­ral Coun­cil can pro­vi­de for other ade­qua­te safe­guards in the sen­se of para­graph 2.

Art. 17 Exceptions

1 By way of dero­ga­ti­on from Artic­le 16 para­graphs 1 and 2, per­so­nal data may be dis­c­lo­sed abroad if:
a. The data sub­ject has expli­ci­t­ly con­sen­ted to the disclosure;
b. The dis­clo­sure is direct­ly con­nec­ted with the con­clu­si­on or the per­for­mance of a con­tract:
1. bet­ween the con­trol­ler and the data sub­ject, or
2. bet­ween the con­trol­ler and its con­trac­ting part­ner in the inte­rest of the data subject;
c. Dis­clo­sure is neces­sa­ry:
1. in order to safe­guard an over­ri­ding public inte­rest, or
2. for the estab­lish­ment, exer­cise or enforce­ment of legal claims befo­re a court or ano­ther com­pe­tent for­eign authority;
d. Dis­clo­sure is neces­sa­ry in order to pro­tect the life or the phy­si­cal inte­gri­ty of the data sub­ject or a third par­ty and it is not pos­si­ble to obtain the con­sent of the data sub­ject within a rea­sonable peri­od of time;
e. The data sub­ject has made the data gene­ral­ly acce­s­si­ble and has not express­ly pro­hi­bi­ted its processing;
f. The data ori­gi­na­tes from a regi­ster pro­vi­ded for by law which is acce­s­si­ble to the public or to per­sons with a legi­ti­ma­te inte­rest, pro­vi­ded that the legal con­di­ti­ons for the con­sul­ta­ti­on are met in the spe­ci­fic case.
2 The con­trol­ler or the pro­ces­sor informs, upon request, the FDPIC of dis­clo­sures of per­so­nal data under para­graph 1, let­ters b, nr 2, c and d.

Art. 18 Publi­ca­ti­on of per­so­nal data in elec­tro­nic format

If per­so­nal data is made gene­ral­ly acce­s­si­ble by means of auto­ma­ted infor­ma­ti­on and com­mu­ni­ca­ti­ons ser­vices for the pur­po­se of pro­vi­ding infor­ma­ti­on to the gene­ral public, this is not dee­med to be trans­bor­der dis­clo­sure, even if the data is acce­s­si­ble from abroad. 

Chap­ter 3: Duties of the Con­trol­ler and the Processor

Art. 19 Duty of infor­ma­ti­on when coll­ec­ting per­so­nal data

1 The con­trol­ler informs the data sub­ject appro­pria­te­ly about the coll­ec­tion of per­so­nal data; such duty of infor­ma­ti­on also applies when data is not coll­ec­ted from the data subject.
2 At the time of coll­ec­tion the con­trol­ler shall pro­vi­de to the data sub­ject all infor­ma­ti­on which is requi­red in order for the data sub­ject to assert his rights accor­ding to this Act and to ensu­re trans­pa­rent pro­ce­s­sing of data, in par­ti­cu­lar:
a. the controller’s iden­ti­ty and cont­act information;
b. the pur­po­se of processing;
c. if appli­ca­ble, the reci­pi­en­ts or the cate­go­ries of reci­pi­en­ts to which per­so­nal data is disclosed.
3 If data is not coll­ec­ted from the data sub­ject, it addi­tio­nal­ly informs the data sub­ject of the cate­go­ries of per­so­nal data which is processed.
4 If per­so­nal data is dis­c­lo­sed abroad, the con­trol­ler also informs the data sub­ject of the name of the Sta­te or inter­na­tio­nal body and, as the case may be, the safe­guards accor­ding to Artic­le 16 para­graph 2 or the appli­ca­bi­li­ty of one of the excep­ti­ons pro­vi­ded for in Artic­le 17.
5 If data is not coll­ec­ted from the data sub­ject, it pro­vi­des to the data sub­ject the infor­ma­ti­on men­tio­ned in para­graphs 2 to 4 at the latest one month after it recei­ved the per­so­nal data. If the con­trol­ler dis­c­lo­ses the per­so­nal data pri­or to this date, it informs the data sub­ject at the time of dis­clo­sure at the latest.

Art. 20 Excep­ti­ons to the duty of infor­ma­ti­on and restrictions

1 The duty of infor­ma­ti­on accor­ding to Artic­le 19 cea­ses to app­ly if one of the fol­lo­wing requi­re­ments is met:
a. The data sub­ject alre­a­dy has the cor­re­spon­ding information.
b. The pro­ce­s­sing is pro­vi­ded for by law.
c. The con­trol­ler is a pri­va­te per­son and is bound by a legal obli­ga­ti­on to secrecy.
d. The requi­re­ments of Artic­le 27 are fulfilled.
2 If per­so­nal data is not coll­ec­ted from the data sub­ject, the duty of infor­ma­ti­on shall also not app­ly if one of the fol­lo­wing requi­re­ments is met:
a. it is not pos­si­ble to give the infor­ma­ti­on; or
b. it requi­res dis­pro­por­tio­na­te efforts.
3 The con­trol­ler may rest­rict, defer or wai­ve the pro­vi­si­on of infor­ma­ti­on in the fol­lo­wing cases:
a. this is requi­red to pro­tect the over­ri­ding inte­rests of third parties;
b. the infor­ma­ti­on pre­vents the pro­ce­s­sing from ful­fil­ling its purpose;
c. when the con­trol­ler is a pri­va­te per­son and the fol­lo­wing con­di­ti­ons are ful­fil­led:
1. the mea­su­re is requi­red by the controller’s over­ri­ding interests.
2. the con­trol­ler does not dis­c­lo­se the per­so­nal data to third parties.
d. when the con­trol­ler is a fede­ral body and one of the fol­lo­wing requi­re­ments is met:
1. a pre­vai­ling public inte­rest, in par­ti­cu­lar the inter­nal or exter­nal secu­ri­ty of Switz­er­land, so requi­res, or
2. the pro­vi­si­on of the infor­ma­ti­on is sus­cep­ti­ble to com­pro­mi­se an inquiry, inve­sti­ga­ti­on or an admi­ni­stra­ti­ve or judi­cial proceeding.
4 The con­di­ti­on in para­graph 3 lit. c num­ber 2 is dee­med met if the dis­clo­sure of per­so­nal data takes place bet­ween com­pa­nies con­trol­led by the same legal entity.

Art. 21 Duty of infor­ma­ti­on in the case of an auto­ma­ted indi­vi­du­al decision

1 The con­trol­ler informs the data sub­ject of a decis­i­on which is taken exclu­si­ve­ly on the basis of an auto­ma­ted pro­ce­s­sing and which has legal effects on the data sub­ject or affects him signi­fi­cant­ly (auto­ma­ted indi­vi­du­al decision).
2 It shall give the data sub­ject upon request the oppor­tu­ni­ty to sta­te his posi­ti­on. The data sub­ject can request that the decis­i­on be review­ed by a natu­ral person.
3 Para­graphs 1 and 2 shall not app­ly if:
a. the decis­i­on is direct­ly con­nec­ted with the con­clu­si­on or the per­for­mance of a con­tract bet­ween the con­trol­ler and the data sub­ject and the request of the lat­ter is satis­fied, or
b. the data sub­ject expli­ci­t­ly con­sen­ted to the decis­i­on being taken in an auto­ma­ted manner.
4 If the auto­ma­ted indi­vi­du­al decis­i­on comes from a fede­ral body, the lat­ter must desi­gna­te it as such. Para­graph 2 does not app­ly if the data sub­ject does not need to be heard befo­re the decis­i­on in accordance with Artic­le 30 para­graph 2 of the Admi­ni­stra­ti­ve Pro­ce­du­re Act of 20 Decem­ber 1968 (APA) or ano­ther fede­ral act.

Art. 22 Data pro­tec­tion impact assessment

1 If the inten­ded data pro­ce­s­sing may lead to a high risk for the data subject’s per­so­na­li­ty or fun­da­men­tal rights, the con­trol­ler must con­duct before­hand a data pro­tec­tion impact assess­ment. If the con­trol­ler con­siders per­forming seve­ral simi­lar pro­ce­s­sing ope­ra­ti­ons, it may estab­lish a joint impact analysis.
2 The exi­stence of a high risk, par­ti­cu­lar­ly when new tech­no­lo­gies are used, depends on the natu­re, the ext­ent, the cir­cum­stances and the pur­po­se of the pro­ce­s­sing. Such a risk exists in par­ti­cu­lar in the fol­lo­wing cases:
a. pro­ce­s­sing of sen­si­ti­ve per­so­nal data on a broad scale;
b. syste­ma­tic sur­veil­lan­ce of exten­si­ve public areas.
3 The data pro­tec­tion impact assess­ment con­ta­ins a descrip­ti­on of the inten­ded pro­ce­s­sing, an eva­lua­ti­on of the risks as regards the data subject’s per­so­na­li­ty or fun­da­men­tal rights, as well as the inten­ded mea­su­res to pro­tect the data subject’s per­so­na­li­ty or fun­da­men­tal rights.
4 Pri­va­te con­trol­lers are reli­e­ved from their obli­ga­ti­on to estab­lish a data pro­tec­tion impact assess­ment if they are legal­ly bound to per­form the processing.
5 The pri­va­te con­trol­ler can abstain from estab­li­shing a data pro­tec­tion impact assess­ment if it uses a system, pro­duct or ser­vice that is cer­ti­fi­ed for the inten­ded use in accordance with Artic­le 13 or if it com­plies with a code of con­duct in accordance with Artic­le 11 which meets the fol­lo­wing requi­re­ments:
a. the code of con­duct is based on a data pro­tec­tion impact assessment;
b. it pro­vi­des for mea­su­res to pro­tect the per­so­na­li­ty rights or fun­da­men­tal rights of the data subject;
c. it was sub­mit­ted to the FDPIC.

Art. 23 Con­sul­ta­ti­on of the FDPIC

1 The con­trol­ler con­sults the FDPIC pri­or to the pro­ce­s­sing when the data pro­tec­tion impact assess­ment shows that the pro­ce­s­sing pres­ents a high risk for the per­so­na­li­ty or fun­da­men­tal rights of the data sub­ject despi­te the mea­su­res envi­sa­ged by the controller.
2 The FDPIC informs the con­trol­ler of his objec­tions against the envi­sa­ged pro­ce­s­sing within two months. This dead­line can be exten­ded by one month in cases of com­plex data processing.
3 If the FDPIC has objec­tions against the envi­sa­ged pro­ce­s­sing, he sug­gests appro­pria­te mea­su­res to the controller.
4 The pri­va­te con­trol­ler can abstain from con­sul­ting the FDPIC if it con­sul­ted the data pro­tec­tion advi­sor accor­ding to Artic­le 10.

Art. 24 Noti­fi­ca­ti­on of data secu­ri­ty breaches

1 The con­trol­ler shall noti­fy the FDPIC as soon as pos­si­ble of a data secu­ri­ty breach that is pro­ba­ble to result in a high risk to the per­so­na­li­ty rights or the fun­da­men­tal rights of the data subject.
2 In the noti­fi­ca­ti­on, it must at least indi­ca­te the natu­re of the data secu­ri­ty breach, its con­se­quen­ces and the mea­su­res taken or foreseen.
3 The pro­ces­sor shall noti­fy the con­trol­ler as soon as pos­si­ble of any data secu­ri­ty breach.
4 The con­trol­ler shall also inform the data sub­ject if this is neces­sa­ry for the pro­tec­tion of the data sub­ject or if the FDPIC so requests.
5 It can rest­rict the infor­ma­ti­on to the data sub­ject, defer it or refrain from pro­vi­ding infor­ma­ti­on if:
a. the­re are grounds pur­su­ant to Artic­le 26 para­graph 1, let­ter b or 2 let­ter b or a sta­tu­to­ry duty of sec­re­cy pro­hi­bits it;
b. infor­ma­ti­on is impos­si­ble or requi­res dis­pro­por­tio­na­te efforts; or
c. the infor­ma­ti­on of the data sub­ject is ensu­red in an equi­va­lent man­ner by a public announcement.
6 A noti­fi­ca­ti­on based on this Artic­le can be used in cri­mi­nal pro­ce­e­dings against the per­son sub­ject to noti­fi­ca­ti­on only with such person’s consent.

Chap­ter 4: Rights of the Data Subject

Art. 25 Access right

1 Any per­son may request infor­ma­ti­on from the con­trol­ler as to whe­ther per­so­nal data con­cer­ning him is being processed.
2 The data sub­ject shall recei­ve the infor­ma­ti­on requi­red in order to enable him to assert his rights under this Act and to ensu­re the trans­pa­rent pro­ce­s­sing of data. In any case, the fol­lo­wing infor­ma­ti­on is pro­vi­ded to the data sub­ject:
a. iden­ti­ty and cont­act details of the controller;
b. the per­so­nal data being pro­ce­s­sed as such;
c. the pur­po­se of processing;
d. the peri­od of sto­rage of the per­so­nal data or, if this is not pos­si­ble, the cri­te­ria used to deter­mi­ne such period;
e. the available infor­ma­ti­on on the ori­gin of the per­so­nal data, to the ext­ent that it was not coll­ec­ted from the data subject;
f. if appli­ca­ble, the exi­stence of an auto­ma­ted indi­vi­du­al decis­i­on as well as the logic on which this decis­i­on is based;
g. if appli­ca­ble, the reci­pi­en­ts or cate­go­ries of reci­pi­en­ts to which the per­so­nal data was dis­c­lo­sed as well as the infor­ma­ti­on fore­seen in Artic­le 19 para­graph 4.
3 Per­so­nal data on the data subject’s health may be com­mu­ni­ca­ted to the data sub­ject, pro­vi­ded his con­sent is given, by a heal­th­ca­re pro­fes­sio­nal desi­gna­ted by him.
4 If the con­trol­ler has per­so­nal data pro­ce­s­sed by a pro­ces­sor, the con­trol­ler remains under the obli­ga­ti­on to pro­vi­de information.
5 No one may wai­ve the right to infor­ma­ti­on in advance.
6 The con­trol­ler pro­vi­des the reque­sted infor­ma­ti­on free of char­ge. The Fede­ral Coun­cil may pro­vi­de for excep­ti­ons whe­re infor­ma­ti­on shall not be pro­vi­ded free of char­ge, in par­ti­cu­lar if the effort invol­ved is disproportionate.
7 As a rule, the infor­ma­ti­on shall be pro­vi­ded within 30 days.

Art. 26 Limi­ta­ti­ons to the access right

1 The con­trol­ler may refu­se, rest­rict or defer pro­vi­si­on of infor­ma­ti­on if:
a. a for­mal law pro­vi­des for it, in par­ti­cu­lar to pro­tect a pro­fes­sio­nal secret;
b. it is requi­red by pre­vai­ling inte­rests of third par­ties; or
c. the request for infor­ma­ti­on is mani­fest­ly unfoun­ded in par­ti­cu­lar if it pur­sues a pur­po­se that is con­tra­ry to data pro­tec­tion or is obvious­ly of a fri­vo­lous nature.
2 Addi­tio­nal­ly, it is pos­si­ble to refu­se, rest­rict or defer the pro­vi­si­on of infor­ma­ti­on in the fol­lo­wing cases:
a. when the con­trol­ler is a pri­va­te per­son and the fol­lo­wing con­di­ti­ons are ful­fil­led:
1. if pre­vai­ling inte­rests of the con­trol­ler requi­re the measure.
2. the con­trol­ler does not dis­c­lo­se the per­so­nal data to a third parties.
b. when the con­trol­ler is a fede­ral body and one of the fol­lo­wing requi­re­ments is met:
1. the mea­su­re is requi­red for a pre­vai­ling public inte­rest, in par­ti­cu­lar the inter­nal or exter­nal secu­ri­ty of Switz­er­land, or
2. the pro­vi­si­on of infor­ma­ti­on is sus­cep­ti­ble to com­pro­mi­se an inquiry, inve­sti­ga­ti­on or an admi­ni­stra­ti­ve or judi­cial proceeding.
3 The requi­re­ment under para­graph 2 lit. a num­ber 2 is con­side­red to be met if the dis­clo­sure of per­so­nal data takes place bet­ween com­pa­nies con­trol­led by the same legal entity.
4 The con­trol­ler must indi­ca­te the grounds on which it refu­ses, rest­ricts or defers the pro­vi­si­on of the information.

Art. 27 Limi­ta­ti­ons to the access right for media

1 If per­so­nal data is used exclu­si­ve­ly for publi­ca­ti­on in the edi­ted sec­tion of a peri­odi­cal­ly published medi­um, the con­trol­ler may refu­se, rest­rict or defer pro­vi­si­on of infor­ma­ti­on for one of the fol­lo­wing rea­sons:
a. the data reve­als infor­ma­ti­on about the sources of the information;
b. access to draft publi­ca­ti­ons would ensue;
c. the publi­ca­ti­on would jeo­par­di­ze the free for­ma­ti­on of the public opinion.
2 Jour­na­lists may also refu­se, rest­rict or defer pro­vi­si­on of infor­ma­ti­on if they use the per­so­nal data exclu­si­ve­ly as their per­so­nal work instrument.

Art. 28 Right of data portability 

1 Any per­son may request from the con­trol­ler, free of char­ge, the dis­clo­sure of the per­so­nal data that he has dis­c­lo­sed to him in a stan­dard elec­tro­nic for­mat if:
a. the con­trol­ler pro­ce­s­ses the data in an auto­ma­ted man­ner; and
b. the data is pro­ce­s­sed with the con­sent of the data sub­ject or in direct con­nec­tion with the con­clu­si­on or per­for­mance of a con­tract bet­ween the con­trol­ler and the data subject.
2 In addi­ti­on, the data sub­ject may request the con­trol­ler to trans­fer his per­so­nal data to ano­ther con­trol­ler if the requi­re­ments in accordance with para­graph 1 are met and this does not invol­ve a dis­pro­por­tio­na­te effort.
3 The Fede­ral Coun­cil may pro­vi­de for excep­ti­ons to this free­dom of char­ge, in par­ti­cu­lar if the effort invol­ved is disproportionate.

Art. 29 Rest­ric­tions on the right to data out­put and transmission

1 The con­trol­ler may refu­se, rest­rict or post­po­ne the release and trans­fer of per­so­nal data for the rea­sons listed in Artic­le 26 para­graphs 1 and 2.
2 The con­trol­ler must give rea­sons for refu­sing, rest­ric­ting or post­po­ning the release or transfer.

Chap­ter 5: Spe­cial Pro­vi­si­ons for Data Pro­ce­s­sing by Pri­va­te Persons

Art. 30 Vio­la­ti­on of the personality

1 Anyo­ne who pro­ce­s­ses per­so­nal data must not unlawful­ly vio­la­te the data sub­jects’ personality.
2 A per­so­na­li­ty harm exists in par­ti­cu­lar if:
a. per­so­nal data is pro­ce­s­sed in con­tra­ven­ti­on with the prin­ci­ples set forth in Artic­les 6 and 8;
b. per­so­nal data is pro­ce­s­sed against the data subject’s express decla­ra­ti­on of intent;
c. sen­si­ti­ve per­so­nal data is dis­c­lo­sed to third parties.
3 In gene­ral, the­re is no vio­la­ti­on of the per­so­na­li­ty if the data sub­ject has made the per­so­nal data gene­ral­ly acce­s­si­ble and has not express­ly pro­hi­bi­ted its processing.

Art. 31 Justifications

1 A vio­la­ti­on of the per­so­na­li­ty is unlawful unless it is justi­fi­ed by the con­sent of the data sub­ject, by an over­ri­ding pri­va­te or public inte­rest or by law.
2 An over­ri­ding inte­rest of the con­trol­ler may in par­ti­cu­lar be con­side­red in the fol­lo­wing cases:
a. The con­trol­ler pro­ce­s­ses per­so­nal data of the con­trac­tu­al par­ty in direct con­nec­tion with the con­clu­si­on or the per­for­mance of a contract.
b. The con­trol­ler is or will be in com­mer­cial com­pe­ti­ti­on with ano­ther per­son or will be in com­mer­cial com­pe­ti­ti­on with ano­ther per­son and for this pur­po­se pro­ce­s­ses per­so­nal data that is not dis­c­lo­sed to third par­ties, except in the case of dis­clo­sure that takes place bet­ween com­pa­nies con­trol­led by the same legal entity
c. The con­trol­ler pro­ce­s­ses per­so­nal data in order to veri­fy the data subject’s cre­dit­wort­hi­ness, pro­vi­ded that the fol­lo­wing requi­re­ments are ful­fil­led:
1. The pro­ce­s­sing does neither invol­ve sen­si­ti­ve per­so­nal nor high-risk profiling.
2. The data is dis­c­lo­sed to third par­ties only if the data is requi­red by such third par­ties for the con­clu­si­on or the per­for­mance of a con­tract with the data subject.
3.The data is not older than ten years.
4. The data sub­ject is of age.
d. The con­trol­ler pro­ce­s­ses the per­so­nal data on a pro­fes­sio­nal basis and exclu­si­ve­ly for publi­ca­ti­on in the edi­ted sec­tion of a peri­odi­cal­ly published medi­um or the data ser­ves the con­trol­ler exclu­si­ve­ly as a per­so­nal working instru­ment, given that no publi­ca­ti­on takes place.
e. The con­trol­ler pro­ce­s­ses per­so­nal data for pur­po­ses not rela­ting to a spe­ci­fic per­son, in par­ti­cu­lar for the pur­po­ses of rese­arch, plan­ning and sta­tis­tics, pro­vi­ded that the fol­lo­wing requi­re­ments are ful­fil­led:
1. The con­trol­ler shall anony­mi­ze the data as soon as the pur­po­se of the pro­ce­s­sing allo­ws for it or shall take rea­sonable mea­su­res to pre­vent the iden­ti­fi­ca­ti­on of the data sub­jects if anony­mizati­on is impos­si­ble or requi­res a dis­pro­por­tio­na­te effort.
2. Sen­si­ti­ve per­so­nal data is dis­c­lo­sed to third par­ties in such a man­ner that the data sub­jects may not be iden­ti­fi­ed. If this is not pos­si­ble, mea­su­res must be taken to ensu­re that third par­ties only pro­cess the data for non-per­so­nal rela­ted purposes.
3. Results are published in such a man­ner that the data sub­jects may not be identified.
f. The con­trol­ler coll­ects per­so­nal data on a per­son of public inte­rest which rela­tes to the public acti­vi­ties of that person.

Art. 32 Legal claims

1 The data sub­ject may request that incor­rect per­so­nal data be cor­rec­ted, unless:
a. the­re is a sta­tu­to­ry regu­la­ti­on pro­hi­bi­ting the correction;
b. the per­so­nal data is being pro­ce­s­sed for archi­ving pur­po­ses in the public interest.
2 Actions rela­ting to the pro­tec­tion of per­so­na­li­ty rights are gover­ned by Artic­les 28, 28a and 28g – 28l of the Civil Code. The clai­mant may in par­ti­cu­lar request that:
a. a spe­ci­fic data pro­ce­s­sing be prohibited;
b. a spe­ci­fic dis­clo­sure of per­so­nal data to third par­ties be prohibited;
c. per­so­nal data be dele­ted or destroyed.
3 If neither the accu­ra­cy nor the inac­cu­ra­cy of the per­so­nal data can be deter­mi­ned, the clai­mant may request for a note that indi­ca­tes the objec­tion to be added to the per­so­nal data.
4 Fur­ther­mo­re, the clai­mant may request the cor­rec­tion, the dele­ti­on or the des­truc­tion, the pro­hi­bi­ti­on of pro­ce­s­sing or of dis­clo­sure to third par­ties, the note indi­ca­ting the objec­tion or the jud­ge­ment be com­mu­ni­ca­ted to third par­ties or published.

Chap­ter 6: Spe­cial Pro­vi­si­ons for Data Pro­ce­s­sing by Fede­ral Bodies

Art. 33 Con­trol and respon­si­bi­li­ty in case of joint pro­ce­s­sing of per­so­nal data

The Fede­ral Coun­cil regu­la­tes the con­trol pro­ce­du­res and the respon­si­bi­li­ty for data pro­tec­tion if the fede­ral body pro­ce­s­ses per­so­nal data tog­e­ther with other fede­ral bodies, with can­to­nal bodies or with pri­va­te persons. 

Art. 34 Legal basis

1 Fede­ral bodies may pro­cess per­so­nal data only if the­re is a sta­tu­to­ry basis for doing so.
2 A sta­tu­to­ry basis must figu­re in a for­mal law in the fol­lo­wing cases:
a. The pro­ce­s­sed data is sen­si­ti­ve per­so­nal data.
b. It is a mat­ter of profiling.
c. The pro­ce­s­sing pur­po­se or the type and man­ner of the data pro­ce­s­sing may result in a serious inter­fe­rence with the fun­da­men­tal rights of the data subject.
3 For the pro­ce­s­sing of per­so­nal data under para­graph 2 let­ters a and b, a sta­tu­to­ry basis in a sub­stan­ti­ve law is suf­fi­ci­ent if the fol­lo­wing requi­re­ments are ful­fil­led:
a. The pro­ce­s­sing is essen­ti­al for a task defi­ned in a for­mal law.
b. The pro­ce­s­sing does not invol­ve any spe­cial risks affec­ting the fun­da­men­tal rights of the data subject.
4 By way of dero­ga­ti­on from para­graphs 1 to 3, fede­ral bodies may pro­cess per­so­nal data if one of the fol­lo­wing requi­re­ments is ful­fil­led:
a. The Fede­ral Coun­cil has aut­ho­ri­sed pro­ce­s­sing becau­se it con­siders the rights of the data sub­ject not to be endangered.
b. The data sub­ject has given his con­sent to the pro­ce­s­sing in the spe­ci­fic case or made his per­so­nal data gene­ral­ly acce­s­si­ble and has not express­ly pro­hi­bi­ted the processing.
c. The pro­ce­s­sing is requi­red in order to pro­tect the life or the phy­si­cal inte­gri­ty of the data sub­ject or a third par­ty and it is not pos­si­ble to obtain the con­sent of the data sub­ject within a rea­sonable peri­od of time.

Art. 35 Auto­ma­ted data pro­ce­s­sing in pilot projects

1 The Fede­ral Coun­cil may, befo­re a for­mal law enters into force, aut­ho­ri­se the auto­ma­ted pro­ce­s­sing of sen­si­ti­ve per­so­nal data or other data pro­ce­s­sing under Artic­le 34 para­graph 2 let­ters b and c if:
a. the tasks based on which the pro­ce­s­sing is requi­red are regu­la­ted in a for­mal law that has alre­a­dy ente­red into force;
b. ade­qua­te mea­su­res are taken to limit inter­fe­ren­ces with the fun­da­men­tal rights of the data sub­ject to the mini­mum; and
c. for the prac­ti­cal imple­men­ta­ti­on of a data pro­ce­s­sing a test pha­se befo­re ent­ry into force is indis­pensable, in par­ti­cu­lar for tech­ni­cal reasons.
2 It obta­ins the FDPIC’s opi­ni­on in advance.
3 The com­pe­tent fede­ral body shall pro­vi­de the Fede­ral Coun­cil with an eva­lua­ti­on report at the latest within two years after incep­ti­on of the pilot pro­ject. The report con­ta­ins a pro­po­sal on whe­ther the pro­ce­s­sing should be con­tin­ued or terminated.
4 Auto­ma­ted data pro­ce­s­sing must be ter­mi­na­ted in any event if within five years after incep­ti­on of the pilot pro­ject no for­mal law has ente­red into force that con­ta­ins the requi­red legal basis.

Art. 36 Dis­clo­sure of per­so­nal data

1 Fede­ral bodies may dis­c­lo­se per­so­nal data only if a sta­tu­to­ry basis in accordance with Artic­le 34 para­graphs 1 to 3 so provides.
2 In dero­ga­ti­on from para­graph 1, they may dis­c­lo­se per­so­nal data in the spe­ci­fic case if one of the fol­lo­wing requi­re­ments is ful­fil­led:
a. Dis­clo­sure of the data is indis­pensable to the con­trol­ler or the reci­pi­ent for the ful­film­ent of a sta­tu­to­ry task.
b. The data sub­ject has con­sen­ted to the disclosure.
c. Dis­clo­sure of the data is requi­red in order to pro­tect the life or the phy­si­cal inte­gri­ty of the data sub­ject or a third par­ty and it is not pos­si­ble to obtain the con­sent of the data sub­ject within a rea­sonable peri­od of time.
d. The data sub­ject has made its data gene­ral­ly acce­s­si­ble and has not express­ly pro­hi­bi­ted disclosure.
e. The reci­pi­ent cre­di­bly demon­stra­tes that the data sub­ject is with­hol­ding con­sent or objects to dis­clo­sure in order to pre­vent the enforce­ment of legal claims or the safe­guar­ding of other legi­ti­ma­te inte­rests; the data sub­ject must be given the oppor­tu­ni­ty to com­ment before­hand, unless this is impos­si­ble or invol­ves a dis­pro­por­tio­na­te effort.
3 They may also dis­c­lo­se per­so­nal data in the con­text of offi­ci­al infor­ma­ti­on dis­c­lo­sed to the gene­ral public, eit­her ex offi­cio or pur­su­ant to the Free­dom of Infor­ma­ti­on Act of 17 Decem­ber 2004 , if:
a. the data per­ta­ins to the ful­film­ent of a public duty; and
b. the­re is an over­ri­ding public inte­rest in its disclosure.
4 They may on request also dis­c­lo­se the name, first name, address and date of birth of a per­son if the requi­re­ments of para­graph 1 or 2 are not fulfilled.
5 They may make per­so­nal data gene­ral­ly acce­s­si­ble by means of auto­ma­ted infor­ma­ti­on and com­mu­ni­ca­ti­on ser­vices if a legal basis pro­vi­des for the publi­ca­ti­on of such data or if they dis­c­lo­se data on the basis of para­graph 3. If the­re is no lon­ger a public inte­rest in making such data gene­ral­ly acce­s­si­ble, the data con­cer­ned must be dele­ted from the auto­ma­ted infor­ma­ti­on and com­mu­ni­ca­ti­on service.
6 Fede­ral bodies shall refu­se or rest­rict dis­clo­sure, or make it sub­ject to con­di­ti­ons, if:
a. essen­ti­al public inte­rests or inte­rests mani­fest­ly war­ran­ting pro­tec­tion of a data sub­ject so requi­re or
b. sta­tu­to­ry duties of sec­re­cy or spe­cial data pro­tec­tion regu­la­ti­ons so require.

Art. 37 Objec­tion to the dis­clo­sure of per­so­nal data

1 The data sub­ject that cre­di­bly demon­stra­tes an inte­rest war­ran­ting pro­tec­tion may object to the dis­clo­sure of cer­tain per­so­nal data by the com­pe­tent fede­ral body.
2 The fede­ral body shall refu­se such request if one of the fol­lo­wing requi­re­ments is ful­fil­led:
a. the­re is a legal duty of disclosure;
b. the ful­film­ent of its task would other­wi­se be endangered.
3 Artic­le 36 para­graph 3 is reserved.

Art. 38 Offe­ring of docu­ments to the Fede­ral Archive

1 In accordance with the Archi­ving Act of 26 June 1998 , the fede­ral bodies shall offer the Fede­ral Archi­ve all per­so­nal data that the fede­ral bodies no lon­ger con­stant­ly require.
2 The fede­ral body shall destroy per­so­nal data desi­gna­ted by the Fede­ral Archi­ve as not being of archi­val value unless:
a. it is ren­de­red anonymous;
b. it must be pre­ser­ved on evi­den­tia­ry or secu­ri­ty grounds or in order to safe­guard the legi­ti­ma­te inte­rests of the data subject.

Art. 39 Data pro­ce­s­sing for rese­arch, plan­ning and statistics

1 Fede­ral bodies may pro­cess per­so­nal data for pur­po­ses not rela­ted to spe­ci­fic per­sons, in par­ti­cu­lar for rese­arch, plan­ning and sta­tis­tics, if:
a. the data is ren­de­red anony­mous, as soon as the pro­ce­s­sing pur­po­se so permits;
b. the fede­ral body dis­c­lo­ses sen­si­ti­ve per­so­nal data to pri­va­te per­sons only in such a man­ner that the data sub­jects can­not be identified;
c. the reci­pi­ent only pas­ses on the data to third par­ties with the con­sent of the fede­ral body which has dis­c­lo­sed the data; and
d. the results are only published in such a man­ner that the data sub­jects may not be identified.
2 Artic­les 6 para­graph 3, 34 para­graph 2 and Artic­le 36 para­graph 1 do not apply.

Art. 40 Pri­va­te law acti­vi­ties of fede­ral bodies

If a fede­ral body acts under pri­va­te law, the pro­vi­si­ons for data pro­ce­s­sing by pri­va­te per­sons apply. 

Art. 41 Claims and procedure

1 Anyo­ne with an inte­rest war­ran­ting pro­tec­tion may request the respon­si­ble fede­ral body to:
a. refrain from unlawful­ly pro­ce­s­sing the per­so­nal data;
b. eli­mi­na­te the con­se­quen­ces of unlawful processing;
c. ascer­tain the unlawful­ness of the processing.
2 The clai­mant may in par­ti­cu­lar request that the fede­ral body:
a. cor­rect, dele­te or destroy the per­so­nal data concerned;
b. publish or com­mu­ni­ca­te its decis­i­on to third par­ties, in par­ti­cu­lar on the cor­rec­tion, dele­ti­on or des­truc­tion, the objec­tion to dis­clo­sure under Artic­le 37 or the note that indi­ca­tes the objec­tion under para­graph 4.
3 Instead of dele­ting or destroy­ing the per­so­nal data, the fede­ral body rest­ricts the pro­ce­s­sing if
a. the data sub­ject dis­pu­tes the accu­ra­cy of the per­so­nal data and if it is not pos­si­ble to deter­mi­ne the accu­ra­cy or the inac­cu­ra­cy thereof;
b. over­ri­ding inte­rests of third par­ties so require;
c. an over­ri­ding public inte­rest, in par­ti­cu­lar the inter­nal or exter­nal secu­ri­ty of Switz­er­land, so requires;
d. the dele­ti­on or des­truc­tion of the data may jeo­par­di­se an inquest, an inve­sti­ga­ti­on or admi­ni­stra­ti­ve or judi­cial proceeding.
4 If it is not pos­si­ble to deter­mi­ne the accu­ra­cy or the inac­cu­ra­cy of per­so­nal data, the fede­ral body atta­ches to the data a note that indi­ca­tes the objection.
5 The cor­rec­tion, dele­ti­on or des­truc­tion of per­so­nal data may not be reque­sted with respect to the inven­to­ry of publicly acce­s­si­ble libra­ri­es, edu­ca­tio­nal insti­tu­ti­ons, muse­ums, archi­ves or other public memo­ri­al insti­tu­ti­ons. If the appli­cant can cre­di­bly demon­stra­te an over­ri­ding inte­rest, he may request that the insti­tu­ti­on rest­rict access to the dis­pu­ted data. Para­graphs 3 and 4 do not apply.
6 The pro­ce­du­re is gover­ned by the APA . The excep­ti­ons con­tai­ned in Artic­les 2 and 3 APA do not apply.

Art. 42 Pro­ce­du­re in the event of the dis­clo­sure of offi­ci­al docu­ments con­tai­ning per­so­nal data

If pro­ce­e­dings rela­ting to access to offi­ci­al docu­ments within the mea­ning of the Free­dom of Infor­ma­ti­on Act of 17 Decem­ber 2004 that con­tain per­so­nal data are pen­ding, the data sub­ject may in such pro­ce­e­dings cla­im the rights given to him under Artic­le 41 for tho­se of the docu­ments that are the sub­ject mat­ter of the access proceedings. 

Chap­ter 7: Fede­ral Data Pro­tec­tion and Infor­ma­ti­on Commissioner

Sec­tion 1 Organisation

Art. 43 Appoint­ment and status

1The head of the FDPIC (the com­mis­sio­ner) is elec­ted by the Fede­ral Assembly.
2 Anyo­ne who is entit­led to vote on fede­ral mat­ters is eligible.
3 The employment rela­ti­on­ship of the com­mis­sio­ner is gover­ned by the Fede­ral Per­son­nel Act of 24 March 2000 (BPG) , unless this Act pro­vi­des other­wi­se. The com­mis­sio­ner is insu­red against the eco­no­mic con­se­quen­ces of old age, disa­bi­li­ty and death with the Fede­ral Pen­si­on Fund PUBLICA until the age of 65. If the employment rela­ti­on­ship is con­tin­ued after the age of 65, then the pen­si­on sche­me will be con­tin­ued, at the request of the com­mis­sio­ner, until the ter­mi­na­ti­on of the employment rela­ti­on­ship but at the most until the end of the year in which he or she has com­ple­ted the age of 68. The FDPIC covers the savings con­tri­bu­ti­ons of the employer.
3bis The Fede­ral Assem­bly shall issue the imple­men­ting pro­vi­si­ons on the employment rela­ti­on­ship of the com­mis­sio­ner in an ordi­nan­ce.
4 The com­mis­sio­ner exer­cis­es his func­tion inde­pendent­ly wit­hout asking for or accep­ting ins­truc­tions of any aut­ho­ri­ty or third par­ty. He is assi­gned to the Fede­ral Chan­cel­lery for admi­ni­stra­ti­ve purposes.
5 He has a per­ma­nent secre­ta­ri­at and his own bud­get. He hires his own staff.
6 He is not sub­ject to the system of assess­ment under Artic­le 4 para­graph 3 BPG.

Art. 44 Term of office, reap­point­ment and ter­mi­na­ti­on of the term of office

1 The term of office of the com­mis­sio­ner is four years and may be rene­wed twice. It beg­ins on 1 Janu­ary fol­lo­wing the start of the legis­la­ti­ve peri­od of the Natio­nal Council.
2 The com­mis­sio­ner may ter­mi­na­te the employment rela­ti­on­ship at the end of a month with six months’ noti­ce. The Judi­cial Com­mis­si­on may grant the com­mis­sio­ner a shorter noti­ce peri­od in an indi­vi­du­al case pro­vi­ded the­re are no mate­ri­al con­flic­ting inte­rests.
3 The com­mis­sio­ner may request the Fede­ral Assem­bly to be dischar­ged from office at the end of any month sub­ject to six months advan­ce notice.
4 The Fede­ral Assem­bly may dis­miss the com­mis­sio­ner from office befo­re the expiry of his term of office if he:
a. wilful­ly or through gross negli­gence serious­ly vio­la­tes offi­ci­al duties; or
b. is per­ma­nent­ly unable to ful­fil his office.

Art. 44a Warning

The Judi­cial Com­mis­si­on may issue a war­ning if it finds that the com­mis­sio­ner has vio­la­ted offi­ci­al duties.

Art. 45 Budget

The FDPIC sub­mits the draft of his bud­get annu­al­ly to the Fede­ral Coun­cil via the Fede­ral Chan­cel­lery. The Fede­ral Coun­cil for­wards it unch­an­ged to the Fede­ral Assembly. 

Art. 46 Incompatibility

The com­mis­sio­ner may not be a mem­ber of the Fede­ral Assem­bly or the Fede­ral Coun­cil and may not have an employment rela­ti­on­ship with the Confederation. 

Art. 47 Secon­da­ry employment

1 The com­mis­sio­ner must not car­ry out any secon­da­ry employment
2 The Judi­cial Com­mis­si­on may per­mit for the com­mis­sio­ner to enga­ge in secon­da­ry employment if this does not impair the exer­cise of the func­tion or the inde­pen­dence and repu­ta­ti­on of the FDPIC. The decis­i­on will be published.

Art. 47a Recusal

If the commissioner’s recu­sal is dis­pu­ted, the Pre­si­dent of the divi­si­on of the Fede­ral Admi­ni­stra­ti­ve Court respon­si­ble for data pro­tec­tion will deci­de on the matter. 

Art. 48 Self-regu­la­ti­on of the FDPIC

By means of appro­pria­te con­trol mea­su­res, in par­ti­cu­lar with respect to data secu­ri­ty, the FDPIC shall ensu­re that the legal­ly com­pli­ant enforce­ment of the fede­ral data pro­tec­tion regu­la­ti­ons is gua­ran­teed in his office. 

Sec­tion 2 Inve­sti­ga­ti­on of brea­ches of data pro­tec­tion regulations

Art. 49 Investigation

1 The FDPIC initia­tes, ex offi­cio or upon noti­fi­ca­ti­on, an inve­sti­ga­ti­on against a fede­ral body or a pri­va­te per­son if the­re are suf­fi­ci­ent indi­ca­ti­ons that a data pro­ce­s­sing could vio­la­te the data pro­tec­tion regulations.
2 He may refrain from initia­ting an inve­sti­ga­ti­on if the breach of the data pro­tec­tion regu­la­ti­ons is of minor significance.
3 The fede­ral body or the pri­va­te per­son will pro­vi­de the FDPIC with all infor­ma­ti­on and will make available all docu­ments which are neces­sa­ry for the inve­sti­ga­ti­on. The right to refu­se to pro­vi­de infor­ma­ti­on is gover­ned by Artic­les 16 and 17 APA unless Artic­le 50 para­graph 2 pro­vi­des otherwise.
4 If the data sub­ject noti­fi­ed the FDPIC, he will inform the data sub­ject of the steps under­ta­ken in the mat­ter based on the data subject’s noti­fi­ca­ti­on and the results of the inve­sti­ga­ti­on, if any.

Art. 50 Powers

1 If the fede­ral body or the pri­va­te per­son does not com­ply with the duty to coope­ra­te, the FDPIC may in the con­text of the inve­sti­ga­ti­on order the fol­lo­wing:
a. access to all infor­ma­ti­on, docu­ments, regi­sters of the pro­ce­s­sing acti­vi­ties and per­so­nal data which are requi­red for the investigation;
b. access to pre­mi­ses and facilities,
c. que­stio­ning of witnesses;
d. eva­lua­tions by experts.
2 Pro­fes­sio­nal sec­re­cy is reserved.
3 He may call on other a fede­ral aut­ho­ri­ty or the can­to­nal or muni­ci­pal poli­ce to enforce the mea­su­res in accordance with para­graph 1.

Art. 51 Admi­ni­stra­ti­ve measures

1 If data pro­tec­tion regu­la­ti­ons are vio­la­ted, the FDPIC may order that the pro­ce­s­sing is ful­ly or par­ti­al­ly adju­sted, sus­pen­ded or ter­mi­na­ted and that the per­so­nal data is ful­ly or par­ti­al­ly dele­ted or destroyed.
2 He may defer or pro­hi­bit dis­clo­sure abroad if it vio­la­tes the requi­re­ments under Artic­les 13 or 14 or spe­ci­fic pro­vi­si­ons on the dis­clo­sure of per­so­nal data abroad in other Fede­ral Acts.
3 He may in par­ti­cu­lar order that the fede­ral body or the pri­va­te per­son:
a. inform the FDPIC under Artic­les 16 para­graph 2 let­ters b and c and 17 para­graph 2;
b. take the mea­su­res under Artic­les 7 and 8;
c. inform the data sub­jects under Artic­les 19 and 21
d. per­form a data pro­tec­tion impact assess­ment under Artic­le 22;
e. con­sult the FDPIC under Artic­le 23;
f. inform the FDPIC or, if appli­ca­ble, the data sub­jects under Artic­le 24; and
g. pro­vi­de the data sub­ject with the infor­ma­ti­on under Artic­le 25.
4 He may also order that the pri­va­te con­trol­ler with its regi­stered office or place of resi­dence abroad desi­gna­te a repre­sen­ta­ti­on in accordance with Artic­le 14.
5 If during the inve­sti­ga­ti­on the fede­ral body or the pri­va­te per­son has taken the neces­sa­ry mea­su­res to resto­re com­pli­ance with the data pro­tec­tion regu­la­ti­ons, the FDPIC may limit hims­elf to issuing a warning.

Art. 52 Proceedings

1 Inve­sti­ga­ti­on pro­ce­e­dings and decis­i­ons under Artic­les 44 and 45 are gover­ned by the APA .
2 Only the fede­ral body or the pri­va­te per­son against whom the inve­sti­ga­ti­on was initia­ted shall be par­ty to the proceedings.
3 The FDPIC may file an appeal against appeal decis­i­ons issued by the Fede­ral Admi­ni­stra­ti­ve Court.

Art. 53 Coordination

1 Fede­ral admi­ni­stra­ti­ve aut­ho­ri­ties which super­vi­se pri­va­te per­sons or orga­ni­sa­ti­ons out­side of the Fede­ral Admi­ni­stra­ti­on in accordance with ano­ther fede­ral act invi­te the FDPIC to sub­mit a state­ment befo­re they issue a decis­i­on per­tai­ning to data pro­tec­tion issues.
2 If the FDPIC has initia­ted his own inve­sti­ga­ti­on against the same par­ty, the two aut­ho­ri­ties will coor­di­na­te their proceedings.

Sec­tion 3 Admi­ni­stra­ti­ve assistance

Art. 54 Admi­ni­stra­ti­ve assi­stance bet­ween Swiss authorities

1 Fede­ral and can­to­nal aut­ho­ri­ties pro­vi­de the FDPIC with the infor­ma­ti­on and per­so­nal data requi­red for the per­for­mance of his sta­tu­to­ry duties.
2 The FDPIC dis­c­lo­ses to the fol­lo­wing aut­ho­ri­ties the infor­ma­ti­on and per­so­nal data requi­red for the per­for­mance of their sta­tu­to­ry duties:
a. the aut­ho­ri­ties respon­si­ble for data pro­tec­tion in Switzerland;
b. the com­pe­tent cri­mi­nal pro­se­cu­ti­on aut­ho­ri­ties if a cri­mi­nal offence under Artic­le 65 para­graph 2 is reported;
c. the fede­ral aut­ho­ri­ties as well as the can­to­nal and muni­ci­pal poli­ce for the enforce­ment of the mea­su­res under Artic­les 50 para­graph 2 and 51.

Art. 55 Admi­ni­stra­ti­ve assi­stance to for­eign authorities

1 The FDPIC may exch­an­ge infor­ma­ti­on and per­so­nal data with for­eign aut­ho­ri­ties respon­si­ble for data pro­tec­tion for the per­for­mance of their respec­ti­ve sta­tu­to­ry duties in the area of data pro­tec­tion if the fol­lo­wing requi­re­ments are ful­fil­led:
a. The recipro­ci­ty of admi­ni­stra­ti­ve assi­stance is ensured.
b. Infor­ma­ti­on and per­so­nal data are only used for the pro­ce­e­dings rela­ting to data pro­tec­tion on which the request for admi­ni­stra­ti­ve assi­stance is based.
c. The recei­ving aut­ho­ri­ty under­ta­kes to obser­ve pro­fes­sio­nal, busi­ness and manu­fac­tu­ring secrets.
d. Infor­ma­ti­on and per­so­nal data are only dis­c­lo­sed if the aut­ho­ri­ty which has trans­mit­ted them has pre­vious­ly con­sen­ted to the disclosure.
e. The recei­ving aut­ho­ri­ty under­ta­kes to adhe­re to the con­di­ti­ons and rest­ric­tions of the aut­ho­ri­ty which has trans­mit­ted the infor­ma­ti­on and per­so­nal data.
2 In order to sub­stan­tia­te his request for admi­ni­stra­ti­ve assi­stance or to com­ply with the request of an aut­ho­ri­ty, the FDPIC may in par­ti­cu­lar pro­vi­de the fol­lo­wing infor­ma­ti­on:
a. the iden­ti­ty of the con­trol­ler, the pro­ces­sor or other third par­ties involved;
b. the cate­go­ries of data subjects;
c. the iden­ti­ty of data sub­jects if:
1. the data sub­jects have con­sen­ted the­re­to, or
2. the noti­fi­ca­ti­on of the iden­ti­ty of the data sub­jects is indis­pensable so that the FDPIC or the for­eign aut­ho­ri­ty may ful­fil their sta­tu­to­ry duties;
d. pro­ce­s­sed per­so­nal data or cate­go­ries of pro­ce­s­sed per­so­nal data;
e. the pur­po­se of processing;
f. reci­pi­en­ts or cate­go­ries of recipients;
g. tech­ni­cal and orga­ni­sa­tio­nal measures.
3 Befo­re the FDPIC dis­c­lo­ses infor­ma­ti­on which may con­tain pro­fes­sio­nal, busi­ness or manu­fac­tu­ring secrets to a for­eign aut­ho­ri­ty, he informs the natu­ral per­sons or legal enti­ties con­cer­ned who are the hol­ders of the­se secrets and invi­tes them to com­ment, unless this is not pos­si­ble or pos­si­ble only with dis­pro­por­tio­na­te efforts.

Sec­tion 4 Other tasks of the FDPIC

Art. 56 Register

The FDPIC keeps a regi­ster on the pro­ce­s­sing acti­vi­ties of the fede­ral bodies. The regi­ster is made public. 

Art. 57 Information

1 The FDPIC reports to the Fede­ral Assem­bly annu­al­ly on his acti­vi­ties. He simul­ta­neous­ly sub­mits the report to the Fede­ral Coun­cil. The report is published.
2 In cases of gene­ral inte­rest, the FDPIC informs the public of his fin­dings and his decisions.

Art. 58 Addi­tio­nal tasks

1 The FDPIC has in par­ti­cu­lar the fol­lo­wing addi­tio­nal tasks:
a. He informs, trains and advi­ses the fede­ral bodies as well as pri­va­te per­sons on mat­ters of data protection.
b. He sup­ports the can­to­nal bodies and coope­ra­tes with dome­stic and for­eign data pro­tec­tion authorities.
c. He rai­ses public awa­re­ness, and in par­ti­cu­lar that of vul­nerable pri­va­te per­sons, regar­ding data protection.
d. He pro­vi­des per­sons at their request with infor­ma­ti­on on how they can exer­cise their rights.
e. He pro­vi­des an opi­ni­on on draft fede­ral legis­la­ti­on and on fede­ral mea­su­res which ent­ail a pro­ce­s­sing of data.
f. He car­ri­es out the tasks assi­gned to him under the Free­dom of Infor­ma­ti­on Act of 17 Decem­ber 2004 or other Fede­ral Acts.
g. He draws up working tools as a recom­men­da­ti­on of good prac­ti­ce for con­trol­lers, pro­ces­sors and data sub­jects; in this respect he con­siders the par­ti­cu­la­ri­ties of the respec­ti­ve area and the pro­tec­tion of vul­nerable pri­va­te persons.
2He may also advi­se fede­ral bodies which are not sub­ject to his super­vi­si­on accor­ding to Artic­les 2 and 4. The fede­ral bodies may grant him access to their files.
3 The FDPIC is aut­ho­ri­sed to decla­re to the for­eign aut­ho­ri­ties respon­si­ble for data pro­tec­tion that direct deli­very is per­mit­ted in Switz­er­land in the area of data pro­tec­tion, pro­vi­ded Switz­er­land is gran­ted reciprocity.

Sec­tion 5 Fees

Art. 59

1 The FDPIC char­ges pri­va­te per­sons fees for:
a. his opi­ni­on on a code of con­duct under Artic­le 11 para­graph 2;
b. his appr­oval of stan­dard data pro­tec­tion clau­ses and bin­ding cor­po­ra­te rules on data pro­tec­tion under Artic­le 16 para­graph 2 let­ters d and e;
c. his con­sul­ta­ti­on based on a data pro­tec­tion impact assess­ment under Artic­le 23 para­graph 2;
d. preli­mi­na­ry injunc­tions and mea­su­res taken under Artic­le 51; and
e. pro­vi­ding his advice on mat­ters of data pro­tec­tion under Artic­le 58 para­graph 1 let­ter a.
2 The Fede­ral Coun­cil deter­mi­nes the amount of fees.
3 It may deter­mi­ne in which cases it is pos­si­ble to refrain from char­ging a fee or to redu­ce it.

Chap­ter 8: Cri­mi­nal Provisions

Art. 60 Breach of obli­ga­ti­ons to pro­vi­de access and infor­ma­ti­on or to cooperate

1 On com­plaint, pri­va­te per­sons are lia­ble to a fine of up to 250,000 Swiss Francs if they:
a. breach their obli­ga­ti­ons under Artic­les 19, 21 and 25 – 27 by wilful­ly pro­vi­ding fal­se or incom­ple­te information;
b. wilful­ly fail:
1. to inform the data sub­ject pur­su­ant to Artic­les 19 para­graph 1 and 21 para­graph 1; or
2. to pro­vi­de the data sub­ject with the infor­ma­ti­on requi­red under Artic­le 19 para­graph 2.
2 Pri­va­te per­sons are lia­ble to a fine of up to 250,000 Swiss Francs if, in vio­la­ti­on of Artic­le 49 para­graph 3, they wilful­ly pro­vi­de fal­se infor­ma­ti­on to the FDPIC in the con­text of an inve­sti­ga­ti­on or wilful­ly refu­se to cooperate.

Art. 61 Vio­la­ti­on of duties of diligence

On com­plaint, pri­va­te per­sons are lia­ble to a fine of up to 250,000 Swiss Francs if they wilful­ly:
a. dis­c­lo­se per­so­nal data abroad in vio­la­ti­on of Artic­le 16 para­graphs 1 and 2 and wit­hout the con­di­ti­ons set forth in Artic­le 17 being met;
b. assign the data pro­ce­s­sing to a pro­ces­sor wit­hout the con­di­ti­ons set forth in Artic­le 9 para­graphs 1 and 2 being met;
c. fail to com­ply with the mini­mum data secu­ri­ty requi­re­ments which the Fede­ral Coun­cil has issued under Artic­le 8 para­graph 3.

Art. 62 Breach of pro­fes­sio­nal confidentiality

1 If a per­son wilful­ly dis­c­lo­ses secret per­so­nal data of which he has gai­ned know­ledge while exer­cis­ing his pro­fes­si­on which requi­res know­ledge of such data, he shall be lia­ble on com­plaint to a fine of up to 250, 000 Swiss Francs.
2 The same penal­ty applies to anyo­ne who wilful­ly dis­c­lo­ses secret per­so­nal data of which he has gai­ned know­ledge in the cour­se of his acti­vi­ties for a per­son bound by a con­fi­den­tia­li­ty obli­ga­ti­on or in the cour­se of trai­ning with such a person.
3 The dis­clo­sure of secret per­so­nal data remains punis­ha­ble after ter­mi­na­ti­on of such pro­fes­sio­nal acti­vi­ties or training.

Art. 63 Dis­re­gard of decisions

Pri­va­te per­sons shall be lia­ble to a fine of up to 250,000 Swiss Francs if they wilful­ly fail to com­ply with a decis­i­on issued by the FDPIC with refe­rence to the cri­mi­nal penal­ty of this Artic­le or a decis­i­on issued by the appel­la­te authorities. 

Art. 64 Vio­la­ti­ons com­mit­ted within undertakings

1 For vio­la­ti­ons com­mit­ted within under­ta­kings, Artic­les 6 and 7 of the Fede­ral Act of 22 March 1974 on Admi­ni­stra­ti­ve Cri­mi­nal Law shall apply.
2 If a fine not exce­e­ding 50,000 Swiss Francs could come into con­side­ra­ti­on and Admi­ni­stra­ti­ve Cri­mi­nal Law requi­red inve­sti­ga­ti­ve mea­su­res that would be dis­pro­por­tio­na­te in com­pa­ri­son with the penal­ty incur­red, the aut­ho­ri­ty may abstain from pro­se­cu­ting the­se per­sons and instead sen­tence the under­ta­king to the payment of the fine (Artic­le 7 of the Admi­ni­stra­ti­ve Cri­mi­nal Law).

Art. 65 Jurisdiction

1 The can­tons are respon­si­ble for the pro­se­cu­ti­on and the judgment of cri­mi­nal acts.
2 The FDPIC may report a cri­mi­nal offence to the com­pe­tent cri­mi­nal pro­se­cu­ti­on aut­ho­ri­ties and exer­cise the rights of a pri­va­te plain­ti­ff in the proceedings.

Art. 66 Sta­tu­te of limi­ta­ti­ons for cri­mi­nal prosecution

The right to cri­mi­nal­ly pro­se­cu­te is sub­ject to a sta­tu­te of limi­ta­ti­ons of five years. 

Chap­ter 9: Con­clu­si­on of Inter­na­tio­nal Treaties

Art. 67

The Fede­ral Coun­cil may con­clude inter­na­tio­nal trea­ties con­cer­ning:.
a. the inter­na­tio­nal coope­ra­ti­on bet­ween data pro­tec­tion authorities;
b. the mutu­al reco­gni­ti­on of an ade­qua­te level of pro­tec­tion for the dis­clo­sure of per­so­nal data abroad.

Chap­ter 10: Final Provisions

Art. 68 Repeal and amend­ments of other legislation

The repeal and the amend­ments of other legis­la­ti­on are set forth in annex 1. 

Art. 69 Tran­si­tio­nal pro­vi­si­ons con­cer­ning ongo­ing processing

Artic­les 7, 22 and 23 do not app­ly to data pro­ce­s­sing ope­ra­ti­ons that were star­ted befo­re the ent­ry into force of this law, if the pur­po­se of the pro­ce­s­sing remains unch­an­ged and no new data is obtained. 

Art. 70 Tran­si­tio­nal pro­vi­si­ons con­cer­ning ongo­ing proceedings

This Act does not app­ly to inve­sti­ga­ti­ons of the FDPIC which are pen­ding at the time of its ent­ry into force, nor to pen­ding appeals against first instance decis­i­ons ren­de­red befo­re its ent­ry into force. In the­se mat­ters, the pre­vious law applies. 

Art. 71 Tran­si­tio­nal pro­vi­si­on con­cer­ning data per­tai­ning to legal entities

For fede­ral bodies, the pro­vi­si­ons of other fede­ral regu­la­ti­ons that con­cern per­so­nal data con­ti­n­ue to app­ly to data per­tai­ning to legal enti­ties for three years after the ent­ry into force of this Act. During that time, the fede­ral bodies may in par­ti­cu­lar con­ti­n­ue to dis­c­lo­se the data per­tai­ning to legal enti­ties under Artic­le 57s, para­graph 1 and 2, of the Act of 21 March 1997 on the Orga­ni­sa­ti­on of the Govern­ment and the Admi­ni­stra­ti­on , if the fede­ral bodies are entit­led to dis­c­lo­se per­so­nal based on a legal basis. 

Art. 72 Tran­si­tio­nal pro­vi­si­on con­cer­ning the elec­tion and ter­mi­na­ti­on of the term of office of the commissioner 

1 The elec­tion of the com­mis­sio­ner and the ter­mi­na­ti­on of his term of office shall be gover­ned by the law in force until the end of the legis­la­ti­ve peri­od in which this Act enters into force. 2 If the incum­bent is elec­ted when the com­mis­sio­ner is first elec­ted by the United Fede­ral Assem­bly, the new term of office of the com­mis­sio­ner beg­ins on the day fol­lo­wing the election. 

Art. 72a Tran­si­tio­nal pro­vi­si­on con­cer­ning the employment of the commissioner 

The employment rela­ti­on­ship of the com­mis­sio­nier that has been estab­lished under the pre­vious law will be gover­ned by the pre­vious law. 

Art. 73 Coordination

Coor­di­na­ti­on with other acts is set out in annex 2. 

Art. 74 Refe­ren­dum and ent­ry into force

1 This Act is sub­ject to an optio­nal referendum.
2 The Fede­ral Coun­cil deter­mi­nes the date of ent­ry into force.