Ordinance
on the Surveillance of Post and Telecommunications
(SPTO)


Open article in different language:  DE  |  FR  |  IT
Art. 21 Retention periods 28

1 The fol­low­ing pro­viders must re­tain and be able to provide the fol­low­ing data for the dur­a­tion of and for 6 months fol­low­ing the end of the cus­tom­er re­la­tion­ship:

a.
TSPs and PDC­Ss with more ex­tens­ive du­ties in ac­cord­ance with Art­icle 22 or 52: the data on the ser­vices and the data for the pur­pose of iden­ti­fic­a­tion in ac­cord­ance with Art­icle 19 para­graph 1;
b.
TSPs: in ad­di­tion, data on iden­ti­fi­ers as­signed on a long-term basis in ac­cord­ance with Art­icle 48a.

2 TSPs must re­tain and be able to provide iden­ti­fic­a­tion data in ac­cord­ance with Art­icle 19 para­graph 2 for the dur­a­tion of and for 6 months fol­low­ing the end of au­thor­isa­tion to ac­cess the pro­fes­sion­ally op­er­ated pub­lic WLAN ac­cess.

3 They must for the pur­pose of iden­ti­fic­a­tion re­tain the data on the unique as­sign­ment of IP ad­dresses for the net­work ac­cess point for 6 months and be able to provide the in­form­a­tion in ac­cord­ance with Art­icle 37.

4 TSPs that of­fer mo­bile ser­vices must re­tain and be able to sup­ply the data on the sub­scribers in ac­cord­ance with Art­icles 20a and 20b and a copy of the proof of iden­tity for the dur­a­tion of and for 6 months fol­low­ing the end of the cus­tom­er re­la­tion­ship.

5 TSPs, with the ex­cep­tion of those with re­duced sur­veil­lance du­ties (Art. 51), must re­tain the fol­low­ing data for the pur­pose of iden­ti­fic­a­tion for 6 months:

a.
sec­ond­ary tele­com­mu­nic­a­tions data re­lat­ing to the device iden­ti­fi­ers ac­tu­ally used, in or­der to be able to provide the in­form­a­tion spe­cified in Art­icles 36 para­graph 1 let­ter b and 41 para­graph 1 let­ter b num­ber 2;
b.
sec­ond­ary tele­com­mu­nic­a­tions data re­lat­ing to the as­sign­ment and trans­la­tion (NAT) of IP ad­dresses and port num­bers for the net­work ac­cess, in or­der to be able to provide the in­form­a­tion spe­cified in Art­icles 38 and 39; and
c.
sec­ond­ary tele­com­mu­nic­a­tions data to de­term­ine the net­works dir­ectly ad­ja­cent to a com­mu­nic­a­tion or an at­tempt at com­mu­nic­a­tion us­ing tele­phony and mul­ti­me­dia ser­vices in or­der to be able to provide the in­form­a­tion in ac­cord­ance with Art­icle 48c.

6 PDC­Ss with more ex­tens­ive sur­veil­lance du­ties (Art. 52) must re­tain the data in ac­cord­ance with para­graph 5 let­ters a and b for 6 months for the pur­pose of iden­ti­fic­a­tion.

7 The sec­ond­ary tele­com­mu­nic­a­tions data un­der para­graph 2 must be des­troyed as soon as the re­ten­tion peri­od has ex­pired, un­less oth­er le­gis­la­tion re­quires or per­mits such data to be re­tained for longer.

28 Amended by No I of the O of 15 Nov. 2023, in force since 1 Jan. 2024 (AS 2023 685).

Previous article Show article in the law Next article

Diese Seite ist durch reCAPTCHA geschützt und die Google Datenschutzrichtlinie und Nutzungsbedingungen gelten.

Feedback
Gesetzeskürzel Name
DE FR IT EN
DE FR IT EN
Laden