Art. 1 Purpose
This Act has the purpose of protecting the personality and fundamental rights of natural persons whose personal data is processed.
235.1
English is not an official language of the Swiss Confederation. This translation is provided for information purposes only and has no legal force.
of 25 September 2020 (Status as of 1 September 2023)
This Act has the purpose of protecting the personality and fundamental rights of natural persons whose personal data is processed.
1 This Act applies to the processing of personal data of natural persons by:
2 It does not apply to:
3 The applicable procedural law regulates the processing of personal data and the data subject's rights in court proceedings and in proceedings governed by federal procedural regulations. This Act applies to first instance administrative proceedings.
4 The public registers for private legal transactions, and in particular the access to these registers and the data subject's rights, shall be regulated by the specific provisions of the applicable federal law. If the specific provisions do not contain any rules, this Act applies.
1 This Act applies to circumstances that have an effect in Switzerland, even if they were initiated abroad.
2 For rights under private law, the Federal Act of 18 December 19874 on Private International Law applies. In addition, the provisions on the territorial scope of application of the Criminal Code5 are reserved.
1 The Federal Data Protection and Information Commissioner (FDPIC) supervises the application of the federal data protection regulations.
2 The following are exempted from supervision by the FDPIC:
In this Act:
1 Personal data must be processed lawfully.
2 The processing must be carried out in good faith and be proportionate.
3 Personal data may only be collected for a specific purpose that the data subject can recognise; personal data may only be further processed in a manner that is compatible with this purpose.
4 They shall be destroyed or anonymised as soon as they are no longer required for the purpose of processing.
5 Any person who processes personal data must satisfy themselves that the data are accurate. They must take all appropriate measures to correct, delete or destroy data that are incorrect or incomplete insofar as the purpose for which they are collected or processed is concerned. The appropriateness of the measures depends in particular on the form and the extent of the processing and on the risk that the processing poses to the data subject's personality or fundamental rights.
6 If the consent of the data subject is required, such consent is only valid if given voluntarily for one or more specific instances of processing based on appropriate information.
7 The consent must be explicitly given for:
1 The controller is obliged to arrange the data processing in technical and organisational terms so that the data protection regulations, and in particular the principles under Article 6, are respected. It shall take account of this from the planning stage.
2 The technical and organisational measures must in particular be appropriate with regard to the state of the art, the nature and the extent of the data processing and the risk that the processing poses to the data subject's personality or fundamental rights.
3 The controller is obliged to ensure by means of suitable default settings that the processing of personal data is limited to the minimum required for the purpose intended, unless the data subject specifies otherwise.
1 The controller and the processor shall guarantee a level of data security appropriate to the risk by taking suitable technical and organisational measures.
2 The measures must make it possible to avoid breaches of data security.
3 The Federal Council shall issue provisions on the minimum requirements for data security.
1 The processing of personal data may be assigned by contract or by the legislation to a processor if:
2 The controller must satisfy itself in particular that the processor is able to guarantee data security.
3 The processor may only assign processing to a third party with prior approval from the controller.
4 It may claim the same grounds for justification as the controller.
1 Private controllers may appoint a data protection officer.
2 The data protection officer is the contact point for the data subjects and for the authorities responsible for data protection in Switzerland. He or she has the following tasks in particular:
3 Private controllers may invoke the exception in Article 23 paragraph 4 if the following requirements are satisfied:
4 The Federal Council shall regulate the appointment of data protection officers by federal bodies.
1 Professional, industry and trade associations that are authorised to safeguard the economic interests of their members in their articles of association and federal bodies may submit codes of conduct to the FDPIC.
2 The FDPIC shall state and publish his or her opinions on the codes of conduct.
1 The controller and the processor shall each maintain a record of their processing activities.
2 The controller's record shall as a minimum contain:
3 The processor's record shall contain information on identity of the processor and of the controller, the categories of processing carried out on behalf of the controller, and the information mentioned in paragraph 2 letters f and g.
4 The federal bodies shall notify the FDPIC of their records of processing activities.
5 The Federal Council shall provide exceptions for legal entities that have fewer than 250 employees and whose data processing poses a negligible risk of harm to the personality of the data subjects.
1 The manufacturers of data processing systems or programs and controllers and processors may have their systems, products and services evaluated by recognised independent certification bodies.
2 The Federal Council shall issue regulations on the recognition of certification procedures and the introduction of a data protection quality mark. In doing so, it shall take account of international law and the internationally recognised technical standards.
1 Private controllers with registered office or domicile abroad shall appoint a representative in Switzerland if they process the personal data of persons in Switzerland and the data processing meets the following requirements:
2 The representative shall serve as the contact point for the data subjects and the FDPIC.
3 The controller shall publish the name and the address of the representative.
1 The representative shall maintain a record of controller's processing activities that contains the information set out in Article 12 paragraph 2.
2 On request, he or she shall provide the FDPIC with the information contained in the record.
3 On request, the representative shall provide data subjects with information on how they can exercise their rights.
1 Personal data may be disclosed abroad if the Federal Council has decided that the legislation of the State concerned or the international body guarantees an adequate level of protection.
2 In the absence of a decision by the Federal Council under paragraph 1, personal data may be disclosed abroad only if an appropriate level of data protection is guaranteed by:
3 The Federal Council may provide for other appropriate guarantees in line with paragraph 2.
1 In derogation from Article 16 paragraphs 1 and 2, personal data may be disclosed abroad in the following cases:
2 The controller or the processor shall inform the FDPIC on request about the disclosure of personal data under paragraph 1 letters b number 2, c and d.
If personal data are made generally accessible by means of automated information and communications services in order to provide information to the general public, this is not deemed to be disclosure abroad, even if the data are accessible from abroad.
1 The controller shall inform the data subject in an appropriate manner when collecting personal data; this duty to provide information also applies if the data is not collected from the data subject.
2 It shall provide the data subject on collecting the data with the information required for the data subject to exercise their rights under this Act and to guarantee transparent data processing; it shall provide the following information as a minimum:
3 If the data is not collected from the data subject, the controller shall also inform the data subject of the categories of processed personal data.
4 If the personal data are disclosed abroad, the controller shall also inform the data subject of the State or the international body to which such data are disclosed and if applicable of the guarantees under Article 16 paragraph 2 or the application of an exception under Article 17.
5 If the data is not collected from the data subject, the controller shall also inform the data subject of the information specified in paragraphs 2-4 at the latest one month after receiving the data. If the controller discloses the personal data before the expiry of this deadline, it shall inform the data subject at the time of disclosure at the latest.
1 The duty to provide information under Article 19 ceases to apply if one of the following requirements is satisfied:
2 If the personal data is not collected from the data subject, the duty to provide information also ceases to apply if any one of the following requirements is satisfied:
3 The controller may restrict, delay or dispense with the provision of the information in the following cases:
4 Legal entities that belong to the same group of companies are not third parties within the meaning of paragraph 3 letter c number 2.
1 The controller shall inform the data subject about any decision that is based exclusively on automated processing and that has a legal consequence for or a considerable adverse effect on the data subject (automated individual decision).
2 It shall on request allow the data subject to express their point of view. The data subject may request that the automated individual decision be reviewed by a natural person.
3 Paragraphs 1 and 2 do not apply if:
4 If the automated individual decision is issued by a federal body, it must designate the decision accordingly. Paragraph 2 does not apply if, in accordance with Article 30 paragraph 2 of the Administrative Procedure Act of 20 December 19686 (APA) or another federal act, the data subject is not entitled to a hearing before the decision is taken.
1 If processing is likely to result in a high risk to the data subject's personality or fundamental rights, the controller shall carry out a data protection impact assessment beforehand. If several similar processing procedures are planned, a joint assessment may be carried out.
2 The existence of a high risk, in particular when using new technologies, depends on the nature, extent, circumstances and purpose of the processing. A high risk arises in particular:
3 The data protection impact assessment shall include a description of the planned processing, an evaluation of the risks to the data subject's personality or fundamental rights and a description of the measures to protect personality and fundamental rights.
4 Private controllers are exempt from having to carry out a data protection impact assessment if they are required by law to process the data.
5 A private controller may dispense with carrying out a data protection impact assessment if it uses a system, product or service that is certified under Article 13 for the intended use, or if it complies with a code of conduct under Article 11 that satisfies the following requirements:
1 If the data protection impact assessment indicates that the planned processing despite the measures planned by the controller will still pose a high risk to the personality or the data subject's fundamental rights, the controller shall seek the FDPIC's opinion beforehand.
2 The FDPIC shall inform the controller within two months of any objections to the planned processing. This deadline may be extended by one month if the data processing is complex.
3 If the FDPIC objects to the planned processing, he or she shall propose suitable measures to the controller.
4 A private controller may dispense with consulting the FDPIC if it has consulted the data protection officer under Article 10.
1 The controller shall notify the FDPIC of any breach of data security that is likely to lead to a high risk to the data subject's personality or fundamental rights as quickly as possible.
2 In the notification, it shall as a minimum specify the nature of the breach of data security, its consequences and the measures taken or planned.
3 The processor shall notify the controller of any breach of data security as quickly as possible.
4 The controller shall inform the data subject if this is required for their protection or if the FDPIC so requests.
5 It may limit, delay or dispense with the provision of information to the data subject if:
6 A notification made pursuant to this Article may only be used against the person required to notify in criminal proceedings with that person's consent.
1 Any person may request information from the controller on whether personal data relating to them is being processed.
2 The data subject shall receive the information required to be able to exercise their rights under this Act and to guarantee transparent data processing. In every case, they are entitled to the following information:
3 The data subject may consent to having personal data relating to their health communicated by a health profession of their choice.
4 If the controller arranges for personal data to be processed by a processor, it remains under a duty to provide information.
5 No one may waive their right of access in advance.
6 The controller must provide information free of charge. The Federal Council may provide for exceptions, in particular if the effort required is disproportionate.
7 The information shall in general be provided within 30 days.
1 The controller may refuse to provide information, or restrict or delay the provision of information if:
2 Furthermore, it is possible to refuse, restrict or delay the provision of information in the following cases:
3 Legal entities that belong to the same group of companies are not third parties within the meaning of paragraph 2 letter a number 2.
4 The controller must indicate why it is refusing, restricting or delaying the provision of the information.
1 If personal data are processed exclusively for their publication in the editorial section of a periodically published medium, the controller may refuse, restrict or delay the provision of information for one of the following reasons:
2 Journalists may also refuse, restrict or delay the provision of information if they are using the personal data exclusively as an aid to their own personal work.
1 Any person may request the controller to deliver the personal data that they have disclosed to it in a conventional electronic format if:
2 The data subject may also request the controller to transfer their personal data to another controller if the requirements in paragraph 1 are met and no disproportionate effort is required.
3 The controller must deliver or transfer the personal data free of charge. The Federal Council may provide for exceptions, in particular if the effort is disproportionate.
1 The controller may refuse, restrict or delay the delivery or transfer of personal data for the reasons set out in Article 26 paragraphs 1 and 2.
2 The controller must give reasons why it has decided to refuse, restrict or delay the delivery or transfer.
1 Any person who processes personal data must not unlawfully breach the data subjects' personality rights.
2 A breach of personality rights arises in particular if:
3 In general no breach of personality rights arises if the data subject makes the personal data generally accessible and has not explicitly prohibited any processing.
1 A breach of personality rights is unlawful unless it is justified by the consent of the data subject, by an overriding private or public interest, or by the law.
2 The controller may have an overriding interest in the following cases in particular:
1 The data subject may request that incorrect personal data be corrected unless:
2 Actions to protect the personality are governed by the Articles 28, 28a and 28g-28l of the Civil Code7. The applicant may in particular request that:
3 If neither the accuracy nor the inaccuracy of the relevant personal data can be established, the applicant may request that the data be marked as being disputed.
4 The applicant may also request that any correction, deletion or destruction, prohibition of processing or disclosure to third parties, marking as disputed or judgment be communicated to third parties or be published.
The Federal Council shall regulate the control procedures and responsibility for data protection in cases in which a federal body processes personal data jointly with other federal bodies, with cantonal bodies or with private persons.
1 Federal bodies may only process personal data if there is a statutory basis for doing so.
2 A statutory basis in a formal law is required in the following cases:
3 A statutory basis in a substantive law is sufficient as the basis for processing personal data under paragraph 2 letters a and b provided the following requirements are satisfied:
4 In derogation from the paragraphs 1-3, federal bodies may process personal data if any one one of the following requirements is satisfied:
1 Before a formal enactment comes into force, the Federal Council may authorise the automated processing of sensitive personal data or other data processing under Article 34 paragraph 2 letters b and c if:
2 The Federal Council shall obtain the FDPIC's opinion beforehand.
3 The competent federal body shall submit an evaluation report to the Federal Council no later than two years after the start of the pilot trial. In the report, it shall propose the continuation or discontinuation of the processing.
4 Automated data processing must in every case be discontinued if no formal enactment containing the required legal basis has come into force within five years of the start of the pilot trial.
1 Federal bodies may only disclose personal data if there is a statutory basis for doing so in accordance with Article 34 paragraphs 1-3.
2 They may disclose personal data in specific cases in derogation from paragraph 1, if any one of the following requirements is satisfied:
3 The federal bodies may furthermore disclose personal data as part of official information provided to the public or based on the Freedom of Information Act of 17 December 20048 if:
4 They may also disclose a person's surname, first name, address and date of birth on request even if the requirements in paragraphs 1 or 2 are not satisfied.
5 They may make personal data generally accessible by means of automated information and communications services if there is a legal basis for publishing the data or if they disclose data based on paragraph 3. If there is no longer a public interest in making the data generally accessible, the data concerned shall be deleted from the automated information and communications service.
6 The federal bodies shall refuse or restrict disclosure or make disclosure subject to requirements if:
1 A data subject who credibly shows a legitimate interest may object to the disclosure of specific personal data by the responsible federal body.
2 The federal body shall reject the objection if any one of the following requirements is satisfied:
3 Article 36 paragraph 3 remains reserved.
1 In accordance with the Archiving Act of 26 June 19989, federal bodies shall offer to the Federal Archives all personal data that they no longer regularly require.
2 They shall destroy personal data that the Federal Archives do not deem to be worth archiving unless:
1 Federal bodies may process personal data for purposes not related to specific persons, in particular for research, planning or statistics, provided:
2 Articles 6 paragraph 3, 34 paragraph 2 and 36 paragraph 1 do not apply.
If a federal body acts under private law, the provisions on data processing by private persons apply.
1 Any person who has a legitimate interest may request the responsible federal body to:
2 The applicant may in particular request the federal body to:
3 Instead of deleting or destroying the personal data, the federal body shall restrict the processing if:
4 If neither the accuracy nor the inaccuracy of the relevant personal data can be established, the federal body shall mark the data as being disputed.
5 The correction, deletion or destruction of personal data may not be requested in connection with the stocks held by publicly accessible libraries, education and training institutions, museums, archives or other public memory institutions. If the applicant credibly shows an overriding interest, he or she may request the institution to restrict access to the disputed data. Paragraphs 3 and 4 do not apply.
6 The procedure is governed by the APA10. The exceptions in Articles 2 and 3 APA do not apply.
Where proceedings relating to access to official documents that contain personal data in accordance with the Freedom of Information Act of 17 December 200411 are pending, the data subject may claim those rights in the proceedings that they would have under Article 41 of this Act in relation to the documents that are the subject matter of the access proceedings.
1 The United Federal Assembly shall elect the head of the FDPIC (the Commissioner).
2 Any person with the right to vote on federal matters is eligible for election.
3 The Commissioner's employment relationship is governed, unless this Act provides otherwise, by the Federal Personnel Act of 24 March 200012 (FPA). The Commissioner shall be insured against the financial consequences of retirement, invalidity and death with PUBLICA, the Federal Pension Fund. If the Commissioner remains in the position after reaching the age of 65 and so requests, pension cover shall be extended until the end of the employment contract, but no later than the end of the year in which the Commissioner attains the age of 68. The FDPIC shall finance the employer's contributions.13
3bis The Federal Assembly shall issue the implementing provisions relating to the Commissioner's employment contract in an ordinance.14
4 The Commissioner shall exercise his or her duties independently, without seeking or accepting instructions from any authority or third party. He or she is assigned for administrative purposes to the Federal Chancellery.
5 He or she shall have a permanent secretariat and his or her own budget. He or she shall appoint his or her staff.
6 He or she is is not subject to the system of assessment under Article 4 paragraph 3 FPA.
13 Second to fourth sentences inserted by No I of the FA of 17 June 2022 (Employment Contract for the Head of the FDPIC), in force since 1 Sept. 2023 (AS 2023 231; BBl 2022 345, 432).
14 Inserted by No I of the FA of 17 June 2022 (Employment Contract for the Head of the FDPIC), in force since 1 Sept. 2023 (AS 2023 231; BBl 2022 345, 432).
1 The Commissioner's term of office amounts to four years and may be extended twice. It begins on the first day of January following the start the National Council's legislature period.
2 The Commissioner may terminate his or her employment contract at the end of any month subject to a period of six months' notice. The Judiciary Committee may in an individual case allow the Commissioner a shorter period of notice if there are no substantial interests that preclude this.15
3 The United Federal Assembly may remove the Commissioner from office before the end of the term of office if he or she:
15 Amended by No I of the FA of 17 June 2022 (Employment Contract for the Head of the FDPIC), in force since 1 Sept. 2023 (AS 2023 231; BBl 2022 345, 432).
The Judiciary Committee may issue a reprimand if it establishes that the Commissioner has failed to comply with official duties.
16 Inserted by No I of the FA of 17 June 2022 (Employment Contract for the Head of the FDPIC), in force since 1 Sept. 2023 (AS 2023 231; BBl 2022 345, 432).
The FDPIC shall submit the draft of his or her budget each year via the Federal Chancellery to the Federal Council. The Federal Council shall submit the budget unchanged to the Federal Assembly.
The Commissioner may not be a member of the Federal Assembly or the Federal Council and may not have any other employment relationship with the Confederation.
1 The Commissioner may not have any additional occupations.
2 The Judicial Committee may permit the Commissioner to carry out an additional occupation provided this does not adversely affect the exercise of his or her duties or the independence and the reputation of the FDPIC.17 The decision shall be published.
17 Amended by No I of the FA of 17 June 2022 (Employment Contract for the Head of the FDPIC), in force since 1 Sept. 2023 (AS 2023 231; BBl 2022 345, 432).
In the event of any dispute with regard to the Commissioner's recusal, the decision shall be taken by the president of the division of the Federal Administrative Court that is competent in data protection matters.
18 Inserted by No I of the FA of 17 June 2022 (Employment Contract for the Head of the FDPIC), in force since 1 Sept. 2023 (AS 2023 231; BBl 2022 345, 432).
The FDPIC shall ensure by means of suitable control measures, in particular in relation to data security, that the legally compliant implementation of data protection regulations under federal law is guaranteed within his or her office.
1 The FDPIC shall open an investigation into a federal body or a private person ex officio or in response to a report if there are sufficient indications that a data processing activity could violate data protection regulations.
2 It may refrain from opening an investigation if the violation of data protection regulations is of minor importance.
3 The federal body or the private person shall provide the FDPIC with all the information and documents that is needed for the investigation. The right to refuse to provide information is governed by the Articles 16 and 17 of the APA19, unless Article 50 paragraph 2 of this Act provides otherwise.
4 If the data subject has filed a report, the FDPIC shall inform them about the steps taken in response and the result of any investigation.
1 If the federal body or the private person fails to fulfil the duties to cooperate, the FDPIC may as part of the investigation order the following in particular:
2 Professional secrecy remains reserved.
3 In order to enforce the measures under paragraph 1 the FDPIC may request support from other federal authorities and from the cantonal or communal police.
1 If data protection regulations have been violated, the FDPIC may order that the processing be modified, suspended or terminated, wholly or in part, and the personal data deleted or destroyed, wholly or in part.
2 It may delay or prohibit disclosure abroad if this violates the requirements of Article 16 or 17 or provisions relating to the disclosure of personal data abroad in other federal acts.
3 It may in particular order that the federal body or the private person:
4 It may also order that private controllers with registered office or domicile abroad appoint a representative in accordance with Article 14.
5 If the federal body or the private person has taken the required measures during the investigation in order to restore compliance with the data protection regulations, the FDPIC may simply issue an official warning.
1 The investigation proceedings and rulings under Articles 50 and 51 are governed by the APA20.
2 The only party is the federal body or the private person against which or whom an investigation has been opened.
3 The FDPIC may contest appeal decisions of the Federal Administrative Court.
1 Federal administrative authorities that supervise private persons or organisations outside the Federal Administration in accordance with another federal act shall invite the FDPIC to comment before they issue a ruling that relates to data protection issues.
2 If the FDPIC is conducting his or her own investigation against the same party, the two authorities shall coordinate their proceedings.
1 Federal authorities and cantonal authorities shall provide the FDPIC with the information and personal data that it requires to fulfil its statutory duties.
2 The FDPIC shall provide the following authorities with the information and personal data that they require to fulfil their statutory duties:
1 The FDPIC may exchange information or personal data with foreign authorities that are responsible for data protection in order that they may fulfil their respective statutory duties in relation to data protection, provided the following requirements are satisfied:
2 In order to justify its request for administrative assistance or to comply with the request from an authority, the FDPIC may provide the following information in particular:
3 Before the FDPIC provides information that may include professional, trade or manufacturing secrets to a foreign authority, it shall inform the natural persons or legal entities concerned that hold these secrets, and invite them to comment, unless this is not possible or requires disproportionate effort.
The FDPIC shall keep a register of the processing activities of federal bodies. The register shall be published.
1 The FDPIC shall submit a report on his or her activities to the Federal Assembly every year. He or she shall submit the report to the Federal Council at the same time. The report shall be published.
2 In cases of general interest, the FDPIC shall inform the public about its findings and rulings.
1 The FDPIC shall also carry out the following tasks in particular:
2 It may also advise federal bodies that are not subject to his or her supervision in accordance with Articles 2 and 4. The federal bodies may allow him or her to inspect files.
3 The FDPIC has the power to declare to foreign authorities that are responsible for data protection that direct service is permitted in relation to data protection in Switzerland, provided Switzerland is granted reciprocal rights.
1 The FDPIC shall charge private persons fees for:
2 The Federal Council shall specify the amount of the fees.
3 It may stipulate the cases in which it is possible to waive or reduce a fee.
1 On complaint, a fine not exceeding 250,000 francs shall be imposed on private persons who:
2 A fine not exceeding 250,000 francs shall be imposed on private persons who, in violation of Article 49 paragraph 3, wilfully provide the FDPIC with false information or wilfully fail to cooperate in the course of an investigation.
On complaint, a fine not exceeding 250,000 francs shall be imposed on private persons who wilfully:
1 Any person who, while practising his or her profession, acquires knowledge of secret personal data for the purpose of that profession but thereafter wilfully discloses such data shall on complaint be liable to a fine not exceeding 250,000 francs.
2 The same penalty shall apply to any person who wilfully discloses secret personal data that has come to his or her knowledge while carrying on an activity for or while training with a person subject to a duty of confidentiality.
3 The disclosure of secret personal data after ceasing to practise a profession or after completing training is also a criminal offence.
Any private person who wilfully fails to comply with a ruling issued by the FDPIC or a decision of the appeal courts that refers to the penalty under this Article shall be liable to a fine not exceeding 250,000 francs.
1 The criminal liability of businesses is governed by Articles 6 and 7 of the Federal Act of 22 March 197422 on Administrative Criminal Law (ACLA).
2 If a fine not exceeding 50,000 francs is under consideration and if the identification of the perpetrators in accordance with Article 6 ACLA requires measures that would be disproportionate in view of the potential penalty, the authority may decide not to pursue these persons but instead to order the business to pay the fine (Art. 7 ACLA).
1 The prosecution and the adjudication of criminal acts is a matter for the cantons.
2 The FDPIC may file a complaint with the competent prosecution authority and exercise the rights of a private claimant in the proceedings.
Prosecution is subject to a statute of limitations of five years.
The Federal Council may conclude international treaties relating to:
The repeal and the amendment of other legislation are regulated in Annex 1.
Articles 7, 22 and 23 do not apply to data processing that began before this Act comes into force, provided the purpose of processing remains unchanged and no new data are collected.
This Act does not apply to FDPIC investigations that are ongoing at the time that it comes into force; likewise, this Act does not apply to appeals pending against first instance decisions issued before it comes into force. Such cases are governed by the previous law.
For federal bodies, regulations in other federal legislation that relate to personal data shall continue to apply to the data of legal entities for five years from the date on which this Act come into force. In particular federal bodies may continue to disclose the data of legal entities in accordance with Article 57s paragraphs 1 and 2 of the Government and Administration Organisation Act of 21 March 199723 for five years from the date on which this Act come into force if there is a legal basis that authorises them to disclose personal data.
1 The election of the Commissioner and the termination of his or her term of office shall be governed by the previous law until the end of the legislature period in which this Act comes into force.
2 If the incumbent is elected in the first vote of the United Federal Assembly to elect the Commissioner, the Commissioner's new term of office begins on the day after the election.24
24 Inserted by No I of the FA of 17 June 2022 (Employment Contract for the Head of the FDPIC), in force since 1 Sept. 2023 (AS 2023 231; BBl 2022 345, 432).
If the Commissioner's employment contract was based on the previous law, the previous law continues to apply.
25 Inserted by No I of the FA of 17 June 2022 (Employment Contract for the Head of the FDPIC), in force since 1 Sept. 2023 (AS 2023 231; BBl 2022 345, 432).
Coordination with other enactments is regulated in Annex 2.
(Art. 68)
I
The following enactments are repealed:
II
The following enactments are amended as follows:
…29
(Art. 68)
30 The coordination provisions may be consulted under AS 2022 491..