Legal Framework


EU General Data Protection Regulation

Switzerland is neither a member of the EU nor of the EEA. Accordingly, the EU Regulation 2016/679, better known as the General Data Protection Regulation (GDPR), is not directly applicable in Switzerland. Despite Switzerland not being a member of the EU and the EEA, Swiss undertakings may be subject to the GDPR (for example where the processing activities are related to the offering of goods or services to individuals in the EU or EEA or the monitoring of individuals’ behaviour in the EU or EEA is concerned). The EU deemed Switzerland to provide an adequate level of data protection in a decision issued in 2024. Therefore, in principle, personal data can be transferred freely between Switzerland and the EEA.

European Council (Convention No 108)

The Europe Convention on the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention ETS 108) is the first and, to this day, the only binding international instrument in the field of data protection law. It was recently modernised, with the revised Convention ETS 108+ opened for signature on 25 June 2018. After entry into the force of the revised FADP, Switzerland ratified the Convention ETS 108+ in September 2023.

The Convention is part of the case law of the European Court of Human Rights (ECtHR) when interpreting Article 8 of the European Convention on Human Rights (ECHR). Since Switzerland has incorporated the ECHR into its own law, this is also reflected in Swiss jurisprudence.


Walder Wyss Ltd. is not affiliated with any of the organisations or individuals to which a link is provided and does not endorse or warrant the content of the linked websites. The links are provided as is.