GDPR (General Data Protection Regulation)

Definition

The General Data Protection Regulation (Regulation (EU) 2016/679) harmonizes data protection law across the EU and the EEA. It defines principles such as purpose limitation, data minimization, and integrity, codifies the rights of data subjects, and sets requirements for data processing, international data transfers, and breach notifications. Violations can be fined up to 4% of global annual turnover or 20 million euros. The Swiss revFADP is modeled on the GDPR but remains a separate body of law.

How Swiss Knowledge Hub uses this term

Swiss organizations that process personal data from the EU often fall under both the GDPR and the revFADP. Swiss Knowledge Hub offers a DPA that addresses both regimes, including Standard Contractual Clauses where required.

Related terms

• FADP (Swiss Federal Act on Data Protection)
• Data residency
• Compliance frameworks (ISO 27001, SOC 2)

Sources

1. EUR-Lex — Verordnung (EU) 2016/679 (DSGVO) — https://eur-lex.europa.eu/eli/reg/2016/679/oj
2. Wikipedia: Datenschutz-Grundverordnung — https://de.wikipedia.org/wiki/Datenschutz-Grundverordnung