Data processor

In Swiss data protection law, a processor handles personal data for a controller according to instructions, for example as an IT host, payroll provider or cloud service. The processor may choose technical details, but not the purposes or essential means of processing. Controllers must select and supervise processors appropriately and ensure that outsourcing preserves data security and legal compliance. Processors must follow agreed instructions, protect data and involve sub-processors only under the permitted conditions. The concept is comparable to the GDPR processor, with Swiss-specific duties and terminology.