22 September 2021 – The Federal Data Protection and Information Commissioner (FDPIC) recognizes the standard contractual clauses (SCCs) adopted by the European Commission on 4 June 2021 for transfers of personal data subject to the Swiss Federal Data Protection Act (DPA) to recipients in countries without legislation that guarantees adequate protection. According to the FDPIC, however, certain additions are to be made to the SCCs to be compliant with Swiss data protection law.

The SCCs (adapted to Swiss data protection law requirements) must be used from 27 September 2021 onward. Parties that have relied on the old SCCs may however continue to rely on the old SCCs until 1 January 2023, provided that the data processing subject the old SCCs is not substantially changed.

For more information on the use of of SCCs for transfers of personal data subject by the DPA, the transition period, the supplements required and on how to proceed if a transfer is both subject to the DPA and the GDPR, see our article in the International Law Office.

Companies are well advised to review their practice of cross-border transfers of personal data and adapt it in time to the new requirements.