Has your rent been raised? Find out more about your rights

Data protection: What you should know on the subject

What is data protection? How does it work? Where is it regulated? These questions and more are answered by MyRight here.

The answer in detail

What is data protection?

Data protection serves to protect your personal data against fraudulent use by others.

What is the goal of data protection?

Data protection is designed to protect the privacy and basic rights of individuals – in connection with the processing of their data by others. Data protection law sets out rules on how to deal with personal data so that the affected person does not suffer any disadvantage as a result. When personal data is processed, the following three basic principles must be upheld:

  • As little data as possible and only as much as necessary should be collected or processed.
  • The person concerned must have the opportunity at all times to receive information about which of their data the other person has saved.
  • Moreover, the affected person must have the opportunity at all times to require the correction or deletion of incorrect data. 

Data protection thus gives people the right to decide for themselves who is allowed to process their data and exactly which data. 

Why should you protect your data at all? 

Data reveals a lot about you. About your consumption habits or the places you spend the most time. For companies, in particular, this kind of data is very valuable: For example, they can use it to implement targeted advertising.

However, data can also be misused. By protecting your own data, you maintain a certain level of anonymity and privacy.

How can you protect your data?

  • Cookies: Either reject them completely or adjust the settings individually
  • Do not enter or pass on or provide data unnecessarily 
  • Use secure browsers and use only https-addresses

Are there regulatory bodies that are responsible for compliance with legal data protection provisions – and whom I can contact?

The Federal Data Protection and Information Commissioner (FDPIC) is responsible for advising and supervising private persons and federal entities. However, you as a private person must assert your rights with regard to data protection directly with the persons and companies who have and process your data. Our experts would be happy to advise you on the steps you need to take.

When does the new Data Protection Act come into force? 

The revised Federal Act on Data Protection will enter into force on September 1, 2023. 

Why was it necessary to amend the act?

It was necessary to amend the Data Protection Act for two reasons: On the one hand, the Data Protection Act needed to be adapted to changed societal and technological conditions. That means provisions need to be supplemented in such a way that adequate data protection can also be ensured when it comes to issues like clouds, big data, and social networks. In this way, individuals’ rights and capacity to act are strengthened and expanded. On the other hand, it was important and necessary to bring the Swiss Data Protection Act in line with European data protection regulations. If no changes had been made, Swiss companies would have been at a competitive disadvantage, as data exchange within the EU would have become more difficult owing to the fact that the EU has must stricter rules than Switzerland. For this reason, it was important to ensure that the EU Commission continues to view the data protection level in Switzerland as sufficient. 

Why do we need data protection?

Growing amounts of data are being collected and used. Since some of the data collected includes very personal or even sensitive data, it is necessary to set out some rules. After all, the unimpeded use of data could harm the affected person. Data protection is all the more important because individuals obtain rights which enable them to determine access to their data themselves. 

Who governs data protection?

Firstly, the protection of personal data is set out in the constitution. The Federal Constitution (Bundesverfassung) stipulates in Art. 13 that each person is entitled to protection of their personal data.

This constitutional right was enshrined in the Federal Act on Data Protection (FADP) and the Ordinance to the Federal Act on Data Protection (OFADP).

There are additional legal provisions governing the protection of privacy with regard to data. For example, Articles 28a – 28l of the Swiss Civil Code (SCC) define steps that can be taken in cases of breaches of privacy.