Section 1Aim, Scope and Definitions

Art. 1 - Aim Art. 2 - Scope Art. 3 - Definitions

Section 2General Data Protection Provisions

Art. 4 - Principles Art. 5 - Correctness of the data Art. 6 - Cross-border disclosure Art. 7 - Data security Art. 8 - Right to information Art. 9 - Limitation of the duty to provide information Art. 10 - Limitations of the right to information for journalists Art. 10a - Data processing by third parties Art. 11 - Certification procedure Art. 11a - Register of data files

Section 3Processing of Personal Data by Private Persons

Art. 12 - Breaches of privacy Art. 13 - Justification Art. 14 - Duty to provide information on the collection of sensitive personal data and personality profiles Art. 15 - Legal claims

Section 4Processing of Personal Data by Federal Bodies

Art. 16 - Responsible body and controls Art. 17 - Legal basis Art. 17a - Automated data processing in pilot projects Art. 18 - Collection of personal data Art. 18a - Duty to provide information on the collection of personal data Art. 18b - Restriction of the duty to provide information Art. 19 - Disclosure of personal data Art. 20 - Blocking disclosure Art. 21 - Offering documents to the Federal Archives Art. 22 - Processing for research, planning and statistics Art. 23 - Private law activities of federal bodies Art. 24 - Repealed Art. 25 - Claims and procedure Art. 25bis - Procedure in the event of the disclosure of official documents containing personal data

Section 5Federal Data Protection and Information Commissioner

Art. 26 - Appointment and status Art. 26a - Reappointment and termination of the term of office Art. 26b - Secondary occupation Art. 27 - Supervision of federal bodies Art. 28 - Advice to private persons Art. 29 - Investigations and recommendations in the private sector Art. 30 - Information Art. 31 - Additional tasks Art. 32 - Repealed

Section 6Legal Protection

Art. 33 - 1 Legal protection is governed by the general provisions on the administration of federal justice.

Section 7Criminal Provisions

Art. 34 - Breach of obligations to provide information, to register or to cooperate Art. 35 - Breach of professional confidentiality

Section 8Final Provisions

Art. 36 - Implementation Art. 37 - Implementation by the cantons Art. 38 - Transitional provisions Art. 38a - Transitional provision to the Amendment of 19 March 2010 Art. 39 - Referendum and commencement

Art. 12

Breaches of privacy

Data subjects Law Lawful Personal data

1 Anyone who processes personal data must not unlawfully breach the privacy of the data subjects in doing so.

2 In particular, he must not:

Article Personal data

a. process personal data in contravention of the principles of Articles 4, 5 paragraph 1 and 7 paragraph 1;

b. process data pertaining to a person against that person’s express wish without justification;

Disclose Personal data Third parties

c. disclose sensitive personal data or personality profiles to third parties without justification.

Access Prohibit Prohibited

3 Normally there is no breach of privacy if the data subject has made the data generally accessible and has not expressly prohibited its processing.