D-02-01

In its decision of 29 January 2025, published on 1 July 2025, the Federal Data Protection and Information Commissioner (PFPDT) issued a warning to a Swiss bank for repeated violations of the provisions of the Data Protection Act (DPA) relating to the right of access. This decision sets clear standards: strict compliance with the 30-day deadline for responding to the data subject and the obligation to provide personal data ‘as such’. This decision follows two complaints filed by customers who[...]

The credit scoring company must explain to the person concerned the procedure and principles applied in practice to establish his or her solvency profile. Furthermore, the company's business secrecy does not preclude the communication of information to the authority or the court, which must weigh up the interests involved (judgment of the CJEU of 27 February 2025 in case C-203/22). A mobile phone operator refused to allow an Austrian national (CK) to conclude a mobile phone contract, which would have[...]

On 20 August 2024, Switzerland enters a new era in bank transfers, with the introduction of Instant Payments. Around 70 banks (representing more than 98% of payments in Switzerland) will accept such payments ‘in real time’. The technical implementation of instant payments in Switzerland is based on the new ‘SIC5’ payment platform developed by SIX, the operator of the Swiss stock exchange, and the Swiss National Bank (SNB). Instant payments are coming late to Switzerland. In fact, this system is[...]

The RGPD also protects the banking data of legal entities when the beneficial owner objects to the transfer of the data to the Department of Justice (judgment no. 141/23-II-CIV of 6 December 2023 of the Luxembourg Superior Court of Justice). A person holds bank accounts with the Luxembourg branch of a Swiss bank. He is also the beneficial owner of a company which has two bank accounts with this branch. Another company, of which the customer's ex-wife and son are[...]