Applicable legislation Privacy is a fundamental right under Swiss law. According to Article 13 of the Swiss Federal Constitution, every person has the right to privacy in their private and family life and their home, and in relation to their mail and telecommunications, as well as the right to be protected against the misuse of their personal data. The Federal Act on Data Protection 1992 (FADP) protects the privacy and the fundamental rights of natural and legal persons when their personal data is processed. A revised version of the Federal Act on Data Protection (only available in German here, in French here, and in Italian here) (Revised FADP), was enacted on September 25, 2020, and came
Insight
Switzerland: Data protection in the financial sector
September 27, 2023
Summary
Switzerland's financial sector is renowned for its data protection, with privacy as a fundamental right under Swiss law. The Revised Federal Act on Data Protection (FADP), effective September 1, 2023, aligns with the EU's GDPR but focuses solely on natural persons' data, introducing Privacy by Design and Default, and recognizing 'profiling.' Swiss Financial Market Supervisory Authority (FINMA) oversees financial institutions, which must adhere to bank-client confidentiality, operational risk management, and cybersecurity, including reporting cyberattacks within 24 hours. The Revised FADP and FINMA regulations also cover outsourcing, requiring financial institutions to ensure data protection and operational resilience, with specific guidelines for handling data subjects' rights.