Swiss Data-Protection Representative (Art. 14 DSG).
A controller domiciled abroad whose processing of personal data of people in Switzerland meets the conditions in Art. 14 DSG must designate a representative in Switzerland. The firm acts as that representative under Arts. 14–15 DSG: it maintains the record of processing and serves as the contact point for data subjects and the EDÖB.
Who this is for
- EU, US and other foreign controllers offering goods or services to, or monitoring, people in Switzerland.
- Companies that have appointed an EU Art. 27 GDPR representative and now need the Swiss counterpart.
- Controllers without a Swiss establishment that need a local contact point for the EDÖB.
What's included
Acting as the representative in Switzerland under Arts. 14–15 DSG for controllers domiciled abroad whose Swiss-facing processing meets the Art. 14 conditions: maintaining the record of processing and serving as the contact point for data subjects and the EDÖB. Advisory on, and coordination of, an EU Art. 27 GDPR representative where the same activity also targets the EU; the firm advises on the EU role but does not act as the EU representative.
How it works
- Eligibility check. The firm confirms whether the Art. 14 DSG conditions are met for the client's Swiss-facing processing.
- Appointment. The firm is designated as the client's representative in Switzerland by written mandate.
- Record of processing. The firm maintains the record the representative must hold under Art. 15 DSG.
- Contact point. The firm acts as the point of contact for data subjects and the EDÖB.
- EU coordination. Where the activity also targets the EU, the firm coordinates the client's separate EU Art. 27 representative.
Indicative pricing
Annual fee, tiered by scale
from CHF 3,000 / year
Tiered to CHF 5,500 / year (251 to 500 staff); a combined Swiss and EU mandate from CHF 7,500 / year.
Indicative starting prices, net and exclusive of Swiss MWST (VAT) where applicable; final fee per written engagement letter.
Frequently asked questions
- Who must appoint a Swiss data-protection representative?
- A controller with its seat abroad must designate a representative in Switzerland where it processes personal data of people in Switzerland, the processing relates to offering goods or services or to monitoring behaviour, and the processing is large-scale, regular and presents a high risk; these are the conditions set out in Art. 14 DSG.
- Is the Swiss representative the same as an EU Art. 27 GDPR representative?
- No. They are mirror-image roles in different jurisdictions: the Art. 14 DSG representative sits in Switzerland for Swiss-facing processing; the Art. 27 GDPR representative sits in the EU for EU-facing processing. A controller targeting both may need both. The firm acts as the Swiss representative and coordinates (but does not act as) the EU one.
- What does the representative actually do?
- Under Art. 15 DSG the representative maintains the record of the controller's processing activities and acts as the contact point through which data subjects and the EDÖB can reach the controller. It is a contact-and-records role, not a transfer of the controller's own legal responsibility.