Art. 4 - PrinciplesArt. 5 - Correctness of the dataArt. 6 - Cross-border disclosureArt. 7 - Data securityArt. 8 - Right to informationArt. 9 - Limitation of the duty to provide informationArt. 10 - Limitations of the right to information for journalistsArt. 10a - Data processing by third partiesArt. 11 - Certification procedureArt. 11a - Register of data files
Art. 16 - Responsible body and controlsArt. 17 - Legal basisArt. 17a - Automated data processing in pilot projectsArt. 18 - Collection of personal dataArt. 18a - Duty to provide information on the collection of personal dataArt. 18b - Restriction of the duty to provide informationArt. 19 - Disclosure of personal dataArt. 20 - Blocking disclosureArt. 21 - Offering documents to the Federal ArchivesArt. 22 - Processing for research, planning and statisticsArt. 23 - Private law activities of federal bodiesArt. 24 - RepealedArt. 25 - Claims and procedureArt. 25bis - Procedure in the event of the disclosure of official documents containing personal data
Art. 26 - Appointment and statusArt. 26a - Reappointment and termination of the term of officeArt. 26b - Secondary occupationArt. 27 - Supervision of federal bodiesArt. 28 - Advice to private personsArt. 29 - Investigations and recommendations in the private sectorArt. 30 - InformationArt. 31 - Additional tasksArt. 32 - Repealed
Art. 6
Cross-border disclosure
1 Personal data may not be disclosed abroad if the privacy of the data subjects would be seriously endangered thereby, in particular due to the absence of legislation that guarantees adequate protection.
2 In the absence of legislation that guarantees adequate protection, personal data may be disclosed abroad only if:
a. sufficient safeguards, in particular contractual clauses, ensure an adequate level of protection abroad;
b. the data subject has consented in the specific case;
c. the processing is directly connected with the conclusion or the performance of a contract and the personal data is that of a contractual party;
d. disclosure is essential in the specific case in order either to safeguard an overriding public interest or for the establishment, exercise or enforcement of legal claims before the courts;
e. disclosure is required in the specific case in order to protect the life or the physical integrity of the data subject;
f. the data subject has made the data generally accessible and has not expressly prohibited its processing;
g. disclosure is made within the same legal person or company or between legal persons or companies that are under the same management, provided those involved are subject to data protection rules that ensure an adequate level of protection.
3 The Federal Data Protection and Information Commissioner (the Commissioner, Art. 26) must be informed of the safeguards under paragraph 2 letter a and the data protection rules under paragraph 2 letter g. The Federal Council regulates the details of this duty to provide information.
