Skip to main content
NOPE
In Effect Law Data Protection

Switzerland FADP

Federal Act on Data Protection (FADP/nDSG)

Switzerland's revised data protection law with Article 21 automated decision transparency requirements, human review rights, and fines up to CHF 250,000.

Jurisdiction

Switzerland

Enacted

Sep 25, 2020

Effective

Sep 1, 2023

Enforcement

Federal Data Protection and Information Commissioner (FDPIC)

Non-EU compliance pathway with automated decision transparency

FDPIC Official Guidance

Why It Matters

Switzerland's FADP Article 21 automated decision transparency requirements directly impact AI chatbot risk assessments. Provides non-EU compliance pathway for AI companies not subject to GDPR.

Recent Developments

Effective September 2023; provides non-EU compliance pathway

At a Glance

Applies to

AI CompanionMental Health AppGeneral Chatbot

Who Must Comply

  • Data controllers and processors in Switzerland
  • Entities processing data of Swiss residents
  • Automated decision-making systems

Obligations fall on:

Safety Provisions

  • Article 21: Automated decision transparency and explanation
  • Human review rights for automated decisions
  • Data Protection Impact Assessment for high-risk processing
  • Breach notification required
  • Cross-border transfer protections

Compliance & Enforcement

Penalties

CHF 250K

View on map

Switzerland

Focus Areas

Mental health & crisis
Algorithmic accountability

Cite This

APA

Switzerland. (2020). Federal Act on Data Protection (FADP/nDSG).

Related Regulations

In Effect PT

Portugal Digital Rights Charter

Portugal's Charter of Digital Rights with Article 9 requiring AI to respect fundamental rights and establishing algorithmic auditability principles.

In Effect RS

Serbia PDP Law

Serbia's GDPR-aligned data protection law with profiling safeguards and DPIA requirements.

In Effect EU

GDPR

Foundational EU data protection law with direct AI enforcement precedent. Article 22 restricts automated decision-making; Article 9 classifies mental health data as special category requiring explicit consent; Article 8 sets children's consent thresholds (13-16 by member state).

In Effect AT

Digital Austria 2.0

Austria's digital sovereignty framework establishing Sovereignty Compass for AI audits and mandatory Digi-Check for all legislation.

In Effect AT

Austria AI Service Center

Austria's national AI authority established within RTR (Rundfunk und Telekom Regulierungs-GmbH) for EU AI Act market surveillance coordination.

In Effect NL

Netherlands Algorithmic Framework

Netherlands' algorithmic risk assessment framework specifically addressing mental health chatbots in risk reports and requiring Fundamental Rights Impact Assessment (FRIA).

All regulations Check if this applies to you

Last updated January 22, 2026. Verify against primary sources before relying on this information.