Standard contract for the transborder outsourcing of data processing

This standard contract was developed by the FDPIC in co-operation with David Rosenthal from the Homburger law firm which specialises in business law. Its purpose is to ensure that the transfer of data abroad for data processing purposes (as part of an outsourcing contract) provides adequate protection for personal data within the meaning of Article 6 paragraph 1 of the Data Protection Act.

In cases where a Swiss company has its data collection processed abroad, the FDPIC urgently recommends that a contract of this type be used to cover transborder data transfers. Although the contract, which has been specifically designed for Swiss companies, is directly based on Swiss law, it mirrors to a large extent EU standard contracts as well as those used within the framework of Safe Harbour Agreements (the EU Commission's standard contracts may also be used provided that they are adapted to extend protection to the personal data of legal entities and personality profiles). It is recommended that such contracts be signed before data are transferred to countries which do not have data protection provisions comparable to those that exist in Switzerland.

An outsourcing contract does not free the company that transfers data from its responsibility towards data subjects in the event of a violation of the latter's rights.