Two regimes, one architecture
The EU General Data Protection Regulation (Regulation 2016/679, the GDPR) and the revised Swiss Federal Act on Data Protection (the FADP or nFADP, in force since 1 September 2023) govern how organizations handle information about people. They share a common architecture: define what counts as personal data, decide who is responsible, set principles for lawful handling, grant rights to individuals, and back it all with supervision and sanctions.
They are not identical. The GDPR applies as directly binding law across the EU and European Economic Area. The FADP is Swiss federal statute, deliberately revised to stay close to the GDPR so that data can keep flowing between the two. This lesson maps the shared mechanics and flags where Switzerland diverges, so you can reason about a processing activity under either regime.

