


How much does a website cost in Switzerland?
18 March 2023


The evolution of web design in Switzerland
5 March 2024Content
- What does DPA compliance mean for a website?
- Assess your site's compliance with the Swiss DPA
- Specific obligations for your website
- Technical solutions for LPD compliance
- The risks of non-compliance for your site
- Your LPD compliance action plan
- Need help with your site's compliance?
- FAQ - Frequently asked questions about the new Swiss DPA


Updated on 5 August 2025.
From 1 September 2023, the new Data Protection Act (nLPD) will transform the legal obligations of websites in Switzerland. Does your website comply with the new requirements? This comprehensive guide will help you assess your site's compliance with the Swiss Data Protection Act.
What does DPA compliance mean for a website?
The compliance of your site with the Swiss LPD means that your digital platform complies with all legal obligations in terms of personal data protection. This compliance covers the collection, processing, storage and transmission of your Swiss visitors' data.
Key points of the nLPD for websites :
- Exclusive protection for personal data (more cover for companies)
- Explicit consent compulsory for all non-essential treatments
- Tougher penalties fines of up to CHF 250,000
- Personal liability managers and employees
Assess your site's compliance with the Swiss DPA
Immediate compliance checklist
- ✅ Clear and accessible privacy policy
- ✅ Compliant cookie management
- ✅ Secure contact forms
- ✅ User rights implemented
Privacy policy adapted to the DPA
Your privacy policy is the legal basis for your compliance. It must be written in clear French and accessible from every page of your site. This statement must mention the types of data collected, their precise purposes, the retention period and users' rights. The contact details of the data protection officer must also be clearly indicated so that visitors can exercise their rights.
Compliant management of cookies and tracers
The new LPD requires explicit consent for all cookies that are not essential to the operation of your site. Your consent banner must make it easy for users to refuse cookies, with granular options for each category (analytics, marketing, social networks). The documentation of these consents becomes mandatory to prove your compliance in the event of an audit.
Securing contact forms
Each form on your site must inform the user about how their data will be used before they submit it. Consent must be specific and informed, with separate tick boxes for each purpose (contact, newsletter, canvassing). Mandatory fields must be justified in relation to the purpose, and transmission must be secure using the HTTPS protocol.
Implementing user rights
Your site must make it easy for visitors to exercise their rights with regard to their personal data. This includes access to their information, the possibility of rectification or deletion, data portability to another service, and opposition to processing for certain purposes. These functions can be integrated into a dedicated customer area or via a dedicated form.
Specific obligations for your website
Enhanced explicit consent
Unlike the previous law, the consent must be free, informed, specific and unambiguous. No more pre-ticked boxes or implicit consent by browsing.
Practical examples:
- ❌ Non-compliant By browsing this site, you accept our cookies".
- ✅ Compliant Banner with granular choice and separate "Accept" button
Mandatory Privacy by Design
Your site must integrate the data protection by design. This implies :
- Minimum data collection (proportionality principle)
- Default privacy settings
- Enhanced technical security
- Regular compliance audits
Notification of violations
In the event of a security breach, you have 72 hours maximum to notify the authorities if the risk to data subjects is high.


Technical solutions for LPD compliance
Secure Swiss hosting for compliance
We offer you the best turnkey Swiss web hosting and LPD friendly from Switzerland.
The choice of hosting for your website is of crucial importance for DPA compliance. Hosting your site in Switzerland ensures that Swiss law is applied and avoids the complications associated with international data transfers. This location also ensures greater security thanks to the high standards of Swiss data centres, while automatically respecting the digital sovereignty required by the authorities. What's more, geographical proximity improves the performance of your site for your Swiss visitors.
Consent management tools adapted to the HPA
Implementing a Consent Management Platform (CMP) is becoming essential for effectively managing your visitors' consents. These specialised tools automate cookie management according to user preferences, automatically document all consents to prove your compliance, and adapt in real time to each visitor's choices. A well-configured CMP complies with the technical requirements of the DPA while improving your site's user experience.
Compliance audit and ongoing monitoring
DPA compliance is not a static state, but an ongoing process that requires regular checks. A professional audit analyses all the technical aspects of your site, checks the compliance of your legal notices, tests the correct operation of your forms and cookie systems, and draws up priority recommendations. This monitoring enables you to anticipate regulatory changes and keep your site permanently compliant, thereby avoiding the risk of sanctions.
The risks of non-compliance for your site
Financial penalties and personal liability
The financial penalties under the new DPA represent a major risk for your company. Fines can now reach CHF 250,000 for intentional breaches, 25 times more than under the old law. Liability now extends to individuals, which means that managers and employees can be personally prosecuted and convicted. This personal liability radically transforms the challenges of compliance, making data protection a strategic priority for all decision-makers.
Business and reputation risks
In addition to the legal penalties, failure to comply with the DPA exposes your company to considerable business risks. The loss of trust of Swiss customers can have lasting repercussions on your sales, particularly in a market where data protection is a major concern. Search engines such as Google also favour compliant sites in their algorithms, which can damage your natural referencing. Finally, your competitors may use your non-compliance as a marketing argument or even file complaints to harm you.
Your LPD compliance action plan
Immediate audit of your current situation
The first crucial step is to carry out a full assessment of your current website to identify any areas of non-compliance with the DPA. This technical and legal audit examines every aspect of your platform: forms, cookies, legal notices, data flows and security procedures. The precise identification of non-compliances enables corrective actions to be prioritised according to their urgency and potential impact. This audit phase, which can be completed in 1 to 2 days, forms the basis of your compliance strategy.
Technical and legal compliance
Once the audit has been completed, the technical compliance phase can begin. This stage involves the implementation of the necessary tools (cookie manager, secure forms), the drafting or updating of legal notices in line with the LPD requirements, the precise configuration of consent management and in-depth testing of all systems. This phase, which generally lasts 1 to 2 weeks depending on the complexity of your site, transforms your platform into a site that is fully compliant with Swiss regulations.
Team training and ongoing maintenance
DPA compliance requires a long-term commitment that goes beyond initial technical compliance. Your teams need to be trained in good data protection practice, in the procedures to follow in the event of an incident and in regulatory developments. Putting in place regular maintenance procedures, periodic audits and ongoing regulatory monitoring ensures that your site remains compliant over the long term, even during technical updates or changes in legislation.
Need help with your site's compliance?
Does your site comply with the Swiss Data Protection Act? Our team of web experts will help you achieve full compliance.
🔍 Audit gratuit de conformité LPD Ask for your personalised, no-obligation evaluation.
📞 Conseil expert immédiat Contact greeNative Web Agency for a turnkey solution tailored to your business.
🏆 Expertise locale certifiée Web agency specialising in Swiss regulatory compliance.
FAQ - Frequently asked questions about the new Swiss DPA
Let's work together!
Tell us about your project or need, without commitment ! We guarantee the utmost confidentiality.