Collecting Data is Data Processing
The Swiss Federal Data Protection Act (DPA) provides
that the mere act of collecting personal data constitutes the
processing of personal data. Therefore, all legal requirements which
apply to the processing of personal data also apply to the collection of
personal data.
Data collection must be lawful
According to the DPA, the collection of personal
data must be lawful. The collection of personal data is unlawful if it
is collected by unlawful means, such as the illegal recording of
conversations or secret monitoring of persons.
Issues to consider when collecting data
It is important to collect personal data in compliance with the DPA. Some issues to consider when collecting personal data include:
- Informing data subjects about the data processing and its intended purpose;
- Informing data subjects about whether the data will be disclosed to third parties and whether a transfer outside Switzerland is contemplated;
- Obtaining any consents required for the data processing.