On September 1, 2023, the new Data Protection Act (nFADP) will come into force in Switzerland. The main aim of the total revision, adopted in September 2020, is the compatibility with the European law, and thus brings many reconciliations with the EU's General Data Protection Regulation (GDPR).
As responsible, you are legally in charge of handling personal data. So that you too can comply with the regulations, we'd like to give you a few pointers on what you need to watch out for.
Duty to provide information
When personal data is processed, information must be provided on the scope and purpose of the processing. This is done by means of a data protection declaration, particularly on the website, where all information on data processing must be provided.
Right of access
Article 25 of the nFADP provides that any person may request the data controller to inform him or her whether personal data concerning him or her is being processed. In accordance with the law, this information must be provided free of charge and, as a general rule, within 30 days. This data can be exported directly from the Immomig® software and, if desired, deleted in the software.
Data Protection Agreement (DPA)
If you entrust the processing of your data to a service provider, a Data Protection Agreement (DPA) must be concluded between the data controller and the data processor. The agreement, which includes information on personal data, data processing and security measures, will form part of IMMOMIG SA's General Terms and Conditions (GTC) and will be available to all our customers in the coming weeks. You will receive detailed information in August.
You can find out more about the new Data Protection Act and its guidelines here.
Sources
VISCHER - Article
PFPDT - Article
Hostpoint - Article
As responsible, you are legally in charge of handling personal data. So that you too can comply with the regulations, we'd like to give you a few pointers on what you need to watch out for.
Duty to provide information
When personal data is processed, information must be provided on the scope and purpose of the processing. This is done by means of a data protection declaration, particularly on the website, where all information on data processing must be provided.
Right of access
Article 25 of the nFADP provides that any person may request the data controller to inform him or her whether personal data concerning him or her is being processed. In accordance with the law, this information must be provided free of charge and, as a general rule, within 30 days. This data can be exported directly from the Immomig® software and, if desired, deleted in the software.
Data Protection Agreement (DPA)
If you entrust the processing of your data to a service provider, a Data Protection Agreement (DPA) must be concluded between the data controller and the data processor. The agreement, which includes information on personal data, data processing and security measures, will form part of IMMOMIG SA's General Terms and Conditions (GTC) and will be available to all our customers in the coming weeks. You will receive detailed information in August.
You can find out more about the new Data Protection Act and its guidelines here.
Sources
VISCHER - Article
PFPDT - Article
Hostpoint - Article