Employee Data Privacy

Switzerland - Fines and Penalties

 Download as a PDF

What are the penalties for non-compliance with any applicable data protection laws?

 

Noncompliance with data privacy laws and data breaches may lead to sanctions, fines, and penalties. The amounts are usually calculated according to the risk to which personal rights were exposed and the preventive measures taken by the data controllers, processors and sub-processors in relation to their respective role in the chain of personal data processing.

 

Based on Swiss Data Protection Law, a criminal judge may, upon complaint, apply a sanction with a fine up to CHF 10,000 if the controller willfully breaches its obligations to:

  • provide information upon request of the data subject concerned;
  • provide information on the collection of sensitive personal data and personality profiles;
  • inform the FDPIC about the safeguards and data protection rules in relation to certain cross-border transfers of personal data;
  • register a database with the FDPIC; or
  • cooperate with the FDPIC.

 

The criminal judge may also, upon complaint, sanction with a fine up to CHF 10,000 if a data controller without authorization willfully discloses confidential, sensitive personal data or personality profiles that have come to his knowledge (i) in the course of his professional activities where such activities require the knowledge of such data; or (ii) in the course of their activities for a person bound by professional confidentiality or in the course of training with such a person. Under the draft of the revised Swiss Federal Act on Data Protection, penalties will be increased to CHF 250,000.

 

The offender must be a natural person. If the violation is incumbent on a legal entity, it is attributed to a natural person acting as a governing officer, a partner, an employee with independent decision-making authority or as de facto manager.

 

HR Best Practices: Before processing personal data make sure to be in line the security measures necessary to ensure data security within your organization. Furthermore, ensure all data processors have data breach response plans in place.

 

Ultimate Software's HR Compliance Assist team relies on a network of internal and external compliance experts and lawyers to provide clients with best practices and recommendations on topics such as HR document retention, employee data privacy, and HR electronic records. HR Compliance Assist also provides local compliance monitoring and alert services in select countries where Ultimate Software's customers have employees. HR Compliance Assist is a service exclusively available to Ultimate Software customers.

Share Your Feedback

Let's Talk