FADP Copilot
Navigate Switzerland's Federal Act on Data Protection with confidence
Ce que le FADP Copilot peut faire
Understand the scope of sensitive personal data under Art. 5(c)
Identify when a data protection impact assessment is required under Art. 22
Map cross-border transfer safeguards to Arts. 16â17 and the DPO adequacy list
Navigate breach notification obligations to the FDPIC under Art. 24
Interpret the four cumulative conditions for appointing a Swiss representative under Art. 14
Draft a record of processing activities aligned with Art. 12 requirements
About FADP Copilot
The FADP (SR 235.1), in force since 1 September 2023, sets out data protection obligations for private controllers and federal bodies processing personal data of natural persons in Switzerland. ISMS Copilot helps you work through its requirements, from processing principles to breach notification and cross-border transfers.
à qui c'est destiné
GDPR
The EU regime revFADP broadly tracks â similar DPIA and processor-contract architecture, but FDPIC supervision, different breach-notification triggers, and lower individual fines.
FINMA RS 23/1
Sister Swiss regulation for financial-services operational resilience â runs in parallel to revFADP for banks and securities firms.
ISO 27701
A certifiable PIMS Swiss controllers often use to operationalise the revFADP technical-and-organisational-measures duty.
Questions fréquemment posées
What is the FADP?
The Federal Act on Data Protection (FADP, SR 235.1) is Switzerland's primary data protection law, in force from 1 September 2023, governing the processing of personal data of natural persons by private controllers and federal bodies. It replaces the 1992 Federal Act on Data Protection and transposes the requirements of Council of Europe Convention 108+.
How does the FADP Copilot help?
ISMS Copilot helps you interpret FADP obligations â such as DPIA requirements under Art. 22, processing principles under Art. 6, and the conditions for cross-border transfers under Arts. 16â17 â so you can make informed decisions about your compliance programme. It supports your analysis; it does not replace legal advice.
How does FADP enforcement differ from the GDPR?
Unlike the GDPR's administrative fines on undertakings, the FADP enforces through criminal fines of up to CHF 250,000 on natural persons for wilful violations (Arts. 60â64), with prosecution by cantonal authorities (Art. 65); the FDPIC may file complaints but does not itself impose fines.
PrĂȘt Ă optimiser votre travail de conformitĂ© ?
Conçu pour la rapiditĂ©, la prĂ©cision et des livrables prĂȘts pour l'audit.