RGPD VS nLPD*

*Comparison between
the General Data
Protection Regulation
and the New Data
Protection Law  

25/02/2025
How well is your personal data protected in the digital environment?

With the adoption of regulations such as the RGPD and the nLPD, it is becoming crucial to understand the principles that rule the collection, processing and management of this data. This article guides you through these two pieces of legislation, their impact on businesses and users, and the main differences between them.

However, it is important to note that managing data protection compliance can be complex. For specific situations or more technical cases, it is strongly recommended that you do more research or consult legal experts specialised in the field.

In a nutshell

The General Data Protection Regulation and the New Data Protection Law aim to strengthen the protection of personal data by regulating its collection, processing and use.

What they both have in common

  • Protection of individuals' personal data by imposing rules on companies concerning the collection, processing and use of such data
  • Guarantee of user consent in the event of data collection
  • Guarantee of access, modification and deletion of data for users
  • Users must be informed and consent before cookies or other similar tracking technologies are placed on their devices
  • Privacy by Design : Data protection integrated into the design of products or services
  • Privacy by Default: Maximum level of security implemented by default Impact analyses carried out in the event of a high risk to the personality or fundamental rights of the persons concerned
  • Rapid notification sent to the Federal Data Protection and Information Commissioner (FDPIC) in the event of a data security breach

What makes them different

Comparative table

What it means for companies and organisations

The two texts ensure that companies and organisations are held accountable for the way they manage personal data. They impose rules on transparency, security and respect for privacy. Sanctions are provided if these rules are not respected.

What it means for users

Here are some examples of situations arising from these two regulations :

Accepting cookies : When users visit a website, a pop-up asking them to accept cookies appears. This happens because the site needs users' consent in order to use cookies to collect information about their browsing behaviour, such as pages visited, language preferences, interactions with the site, etc.

General terms and conditions of use : When registering for an online service (social networks, messaging systems, etc.), users are asked to confirm that they have read the general terms and conditions. This is where they consent to their personal data, such as their name, e-mail address, date of birth, etc., being used by the service in question. The service in question must provide clear information on how this data will be used.

Online purchases : When making an online purchase, users provide information such as their delivery address, bank details, etc. Businesses must protect this data and inform users of its use. Companies must protect this data and inform users of how it will be used (order processing, invoicing, etc.).

Newsletters : Users must have given their consent to receive information and communications from the company. In addition, users must be able to unsubscribe at any time.

Location : Some services use geolocation (e.g. Google Maps and Plan or transport applications). However, to obtain users' location, they must have given permission to be located.

Access, rectification and deletion rights: Users can access their information, correct it if it is incorrect, and delete it if it is no longer required or if their initial consent is withdrawn.

In conclusion

Ensuring the protection of personal data is now a legal and ethical priority for all businesses. If you are faced with implementing the RGPD or nLPD, it is crucial to surround yourself with competent professionals.

We will put our expertise at your service to help you navigate this complex environment and ensure that your activities are compliant. For specific or more technical situations, don't hesitate to call on our specialists to ensure that your data is managed securely and compliantly.

Contact us now to find out more!
sources : https://swissprivacy.law/wp-content/uploads/2021/02/20210211-Tableau-comparatif-nLPD-et-RGPD.pdf