FADP-compliant AI for Swiss companies
What the new Swiss data protection act means for AI
Since September 1, 2023, the revised Swiss Federal Act on Data Protection (FADP) has been in force. For deploying AI systems, this implies six practical consequences: transparency about processing purposes, documentation of data processing, information about subprocessors, technical safeguards, lawful cross-border data transfers, and respect for data subject rights (access, rectification, data portability, deletion).
The law does not ban AI, but it forces systematic documentation: which data flows into which model? Where is it processed? Who are the subprocessors? Is content reused for training? Anyone who allows ChatGPT or Copilot in their business units without answers to these questions is acting negligently — regardless of whether a privacy incident actually occurs.
The 6-point checklist for FADP-compliant AI
- Swiss data residency. Document storage, database, vector store, and ideally inference too, all run in a Swiss data center region. See data residency.
- Contractually excluded training use. Inputs, outputs, and documents from the customer organization are not used to improve or train the provider's models. This clause belongs in the body of the DPA, not in the GTC.
- DPA with Swiss jurisdiction. A Data Processing Agreement that defines the controller and processor roles, the processing purposes, the technical and organizational measures (TOMs), and the place of jurisdiction.
- Transparent subprocessor list. In particular, LLM providers such as OpenAI, Anthropic, Google Gemini, or Mistral must be listed with name, purpose, processing location, and the legal transfer mechanism.
- Field-level encryption for PII. Personal database fields (name, email, customer ID) are cryptographically protected — not just at the transport and dataset layers. See BYOK for a related separation strategy.
- Granular permissions plus an audit log. Workspace-, page-, and file-level permissions, custom roles, an audit log at the query level. Without this, no FADP request (access, deletion) can be answered correctly.
Key facts on the FADP and SKH
- Effective date: The revised FADP has been in force since September 1, 2023; no transitional period applies.
- SKH default storage: Documents, database, and vector store (pgvector) sit in Azure Switzerland North; inference for SKH default models takes place in the Swiss region. Frontend assets are partially served via a West Europe CDN for operational reasons (no customer content).
- Default models: DeepSeek V3, Kimi K2.5, and Mistral Medium 2505 — all via Azure AI Foundry in the Swiss region.
- DPA / jurisdiction: DPA available on request, place of jurisdiction Bern, operator Swiss Knowledge Hub GmbH, UID CHE-219.860.750, registered with the Commercial Register of the Canton of Bern.
- Training use: Contractually excluded for SKH default models. Under BYOK, the contracts the customer organization has signed with its chosen provider apply.
Subprocessors and cross-border transfers
With LLM-based solutions, the biggest compliance risk is forwarding prompts to US providers without thinking. Three legal questions matter here: which data is transferred? Is there a transfer mechanism (adequacy decision, Standard Contractual Clauses, Binding Corporate Rules)? Is the data stored, logged, or used for training at the provider?
Swiss Knowledge Hub solves this with two standard paths. In the default configuration, everything stays in Switzerland (default models via Azure AI Foundry Switzerland). When an organization deliberately wants to use a US model, it does so via Bring Your Own Key — the customer organization negotiates the contractual relationship, the transfer assessment, and the no-training clause directly with the provider.
What a no-training clause achieves — and what it does not
A no-training clause prevents your company knowledge from feeding into models that are served to other customers. But it is not a substitute for a residency commitment: even without training, prompt logs, cost telemetry, and crash reports can produce copies of the content. A robust no-training clause therefore also addresses log retention (or opt-out) and the analyses that run on the inputs.
Where Swiss Knowledge Hub fits in
Swiss Knowledge Hub supports FADP-compliant operating patterns — the legal assessment in the individual case remains with the customer organization or its legal department. The table below maps the six checklist points to the corresponding technical and contractual implementations, where "contractual" means "governed by the DPA" and "via the chosen LLM provider" means "depends on the provider's terms under BYOK".
| Checklist point | Implementation at Swiss Knowledge Hub |
|---|---|
| Swiss data residency (core data) | Default in Azure Switzerland North (DB, pgvector, storage, Service Bus); frontend assets via West Europe CDN (configurable). |
| No-training | SKH default models: contractually guaranteed by the respective provider. BYOK: subject to the customer's provider terms. |
| DPA | On request, place of jurisdiction Bern (contractual). |
| Subprocessors | List and transfer basis in the privacy policy. |
| Field-level encryption | Field-level encryption via @47ng/cloak on selected fields (including user name, user email, API keys, integration connection strings). |
| Permissions and audit | Workspace-, page-, and file-level permissions, custom roles, chronological audit log per tenant. |
How do I actually verify this?
- Request a DPA. No DPA, no productive use with personal data — regardless of the provider.
- Read the subprocessor list. LLM providers explicitly named, with the processing location and the legal basis for the transfer.
- Check the training clause in the contract. Not just in the GTC, but in the body of the DPA.
- Order an audit log. A test workspace with a simulated data subject request quickly shows whether access, export, and deletion are actually feasible.
- Ask about PII handling. How are name, email, and customer ID stored in the database? Field-level encryption, or just at the transport layer?
Related pages
- Privacy policy — subprocessors
- Glossary: FADP / revFADP
- Glossary: Data residency
- Glossary: BYOK
- Swiss ChatGPT alternative
- Enterprise RAG in Switzerland
Frequently asked questions
- What does FADP-compliant actually mean for an AI solution?
- FADP-compliant means that the AI solution meets the requirements of the revised Swiss Federal Act on Data Protection (FADP, in force since September 1, 2023): transparency about how data is processed, respect for data subject rights, Data Processing Agreements (DPAs), technical and organizational measures, and controlled cross-border transfers when foreign subprocessors are involved.
- Is Swiss hosting alone enough to be FADP-compliant?
- No. Swiss data residency is one building block, but it is not sufficient. You also need a DPA with the provider, a contractually excluded training use, a transparent subprocessor list, technical measures (e.g. field-level encryption for PII), and a credible permissions and auditing model.
- What is a no-training clause and why does it matter?
- A no-training clause contractually excludes the use of the customer organization's inputs, outputs, and documents to improve or train the provider's models. Without it, the provider's model could in extreme cases learn from confidential content and reproduce fragments in future answers to other customers.
- How should I deal with LLM subprocessors like OpenAI or Anthropic?
- They count as subprocessors under the FADP and Art. 28 GDPR (where applicable). What you need: disclosure in the subprocessor register, a DPA with the provider, a legal transfer mechanism (e.g. Standard Contractual Clauses), an assessment of the destination country (USA: watch for the EU/FDPIC adequacy decision), and transparency towards data subjects.
- Do I need a DPA with my AI provider?
- Yes. A Data Processing Agreement (DPA) is mandatory for any processing of personal data on behalf of a controller. Swiss Knowledge Hub provides a DPA on request (place of jurisdiction Bern).
- What does this look like at Swiss Knowledge Hub?
- Swiss Knowledge Hub addresses the six checklist points as follows: core data hosting by default in Azure Switzerland North (frontend assets partially via West Europe CDN); training use contractually excluded for SKH default models (under BYOK, the provider's terms apply); DPA with place of jurisdiction Bern available on request; subprocessor register publicly available; field-level encryption via @47ng/cloak on selected fields (including user name, user email, API keys, integration connection strings); plus a granular role and permissions model with a chronological audit log per tenant.
- What do I need to consider legally for the BYOK setup?
- Under Bring Your Own Key, the customer organization stores its own API keys for external LLM providers. The contractual relationship is directly between the customer and the provider — the FADP/GDPR assessment (including training use, transfer mechanisms, subprocessors) must be carried out by the customer with the chosen provider. In this setup, SKH is purely client infrastructure.
Walk through a compliance review together.
30 minutes, one concrete use case, an honest assessment of residency, DPA, and subprocessors.
Swiss Knowledge Hub GmbH, Liebefeld. This text does not constitute legal advice; it summarizes industry-standard expectations for FADP-compliant AI solutions.