Securiti announces a $75M Series C Funding Round

View

Switzerland Federal Act on Data Protection 1992

Operationalize FADP compliance with the most comprehensive PrivacyOps platform.

background-image

The Swiss Federal Act on Data Protection (FADP) originally dates back to June 19, 1992. It applies to data processing activities carried out by businesses, organizations, federal authorities, and natural persons that process data in the context of business activities.

The FADP has undergone a thorough overhaul to account for technical and legislative changes, especially to bring it in line with the requirements of the GDPR, which are crucial for enterprises that share personal data with organizations in the EU.

On September 25, 2020, the Swiss parliament officially approved the new FADP. The Swiss Federal Council will soon determine the new FADP's effective date. The revisions to the new FADP bring its provisions closer to those of the GDPR, expand procedural standards, and improve individual rights. The revised FADP is expected to come into effect in 2023.

Even though the Swiss Federal Constitution's Article 13 guarantees the right to privacy, a dedicated data protection law (Federal Act on Data Protection) introduces several rules that safeguard the personal information of data subjects.


The Solution

Securiti enables organizations to comply with the Swiss Federal Act on Data Protection (FADP) through AI-driven PI data discovery, DSR automation, documented accountability, enhanced visibility into data processing activities, and AI-driven process automation.

Securiti supports enterprises in their journey toward compliance with the Swiss Federal Act on Data Protection (FADP) through automation, enhanced data visibility, and identity linking.

See how our comprehensive PrivacyOps platform helps you comply with various sections of the Swiss Federal Act on Data Protection (FADP).

securiti dashboard

With its state-of-the-art artificial intelligence and machine-learning-based tools, Securiti is a market leader in providing data governance and compliance solutions.

Request a demo today to learn how Securiti can aid you and your organization's compliance efforts.


 

Secure Fulfillment of Data Access Requests

Article 8(1)

Seamlessly fulfill data subject access requests made by data subjects regarding their personal data being processed by verifying the identity of the data subject making the DSR request, discovering systems that hold data subject’s personal data and their owners, and generating DSR reports to respond within stipulated timelines.

dsr requests
data rectify request

Automate the Processing of Rectification Requests

Article 5

Automated data subject verification procedures can quickly and accurately process requests for data rectification across all instances where the subject's personal information is stored.

Monitor and Track Consent

Articles: 4(5) + 6(2)(b) 17(2)(c)

Monitor consent status across all organizational units. Keep track of consent preferences and honor consent revocation adequately and immediately. Demonstrate consent compliance with the help of updated and comprehensive audit trails.

personal data monitoring tracking

Meet Cookie Compliance

Articles: 4(5) + 17(c)

Automatically classify cookies and tags found on the company's web assets. Create customizable cookie banners to display banners as per the applicable geographical requirements, gather consent, and offer a preference center to users to honor their cookie preferences immediately and adequately.

Assess Third Parties and Manage Vendor Risk

Articles 6 + 10(a)

From a single interface, track, monitor, and control each service provider's privacy and security readiness. Identify data risks and remediate discovered vendor risks.

manage vendor risk

Implement Data Security

Article 7 + 12(1)

Implement measures to adequately protect personal data against unauthorized processing and unlawful breach of the privacy of the data subjects.

Privacy Notice Creation & Management

Articles: 8 + 14 + 18(a)

Refresh and update your privacy policies and notices automatically. Utilize pre-made privacy notice templates to create and publish a privacy notice per the applicable law requirements. You can ensure that your privacy policy and notice are continually updated by monitoring changes in cookie consent, universal consent, data processing, and data subject rights’ requests activities.

breach response notification

Manage Security Incidents and Notify Data Breaches

Article 12

Automate compliance actions and breach notifications to concerned stakeholders regarding security incidents by leveraging a knowledge database on security incident diagnosis and response.

Maintain Accurate and Updated Data Records

Article 5 + 11(3)

Ensure records of data processing activities across on-premise, and multi-cloud environments are maintained systematically and accurately. Periodically update data records to ensure correct data is available against its rightful owner.

Key Rights Under the Federal Act on Data Protection

Right to be Informed

Under the FADP, businesses must be transparent with data subjects and inform them of the data processing, including the processing of sensitive personal data and personality profiles. Personality profiles mean a collection of data that permits an assessment of essential characteristics of the personality of a natural person.


Right to Access

The FADP allows data subjects to view and request a copy of the personal information being processed about them.


Right to Rectification

Data subjects have the right to request that the data controller rectify their data.


Right to Erasure

The FADP gives data subjects the ability to request the erasure of their data.


Right to Object/Opt-Out

Data subjects have the option to object to the processing of personal data, request for it to be stopped, and not to be disclosed to any third party.


Right to Block Disclosure

Data Subjects can request the concerned federal body to block the disclosure of certain personal data by showing legitimate interest in doing so.

Quick Facts About Federal Act on Data Protection

1

Privacy and data protection in Switzerland are primarily rooted in FADP and the Swiss Civil Code.

2

The FADP codifies the constitutional right to privacy as given under the Federal Constitution of the Swiss Confederation.

3

The regulatory body responsible for upholding the FADP is the Federal Data Protection and Information Commissioner (FDPIC).

4

The FADP applies to both private and federal entities.

5

On complaint, private persons are liable to pay fines if they fail to fulfill their duty to provide information to data subjects as specified by provisions of FADP.

6

A person is also liable to fine if he/she willfully breaches confidential, sensitive personal data or personality profile that he/she has come to know about in his/her professional capacity.

7

Automated data processing for sensitive data/profiling for pilot projects may be approved by the Federal Council (in consultation with FDPIC) if a test run is conducted before the enactment of such tasks/projects and adequate safeguards are taken against privacy breaches.

8

The revised FADP will bring significant changes. For example, organizations will have enhanced information obligations and an obligation to conduct data protection impact assessment in case of high-risk data processing activities.

At Securiti, our mission is to enable enterprises to safely harness the incredible power of data and the cloud by controlling the complex security, privacy and compliance risks.

Newsletter



Users love Securiti on G2 G2 leader spring 2022 G2 leader summer 2022 G2 leader easiest business 2022 RSAC Leader Forrester Badge IAPP Innovation award 2020 Gartner Cool Vendor Award Sinet Innovator Award