Unfortunately there is no one law that stipulates retention periods in some concise manner. Mandatory retention periods are scattered across different laws and ordinances, and differ in length and based on their subject matter.
The general retention period for accounting records is 10 years (art. 958f of the Swiss Code of Obligations [CO]). VAT Info No. 16 also stipulates a general retention 10 year period for VAT-relevant records and an extended 26 year period for real estate related records.1 Regulated industries, e.g., health sector2, might foresee additional or other retention periods.
If agreements, letters, e-mails, SMS text messages, SM posts etc. are relevant as booking receipt, i.e. qualify as accounting records, they must be retained pursuant to the mandatory retention periods. There is flexibility, however, in that they can be retained both on paper3 or electronically: the Accounting Ordinance (GeBüV/Olico; SR 221.431) allows retention on both unalterable (e.g. paper) as well as alterable (e.g. hard drives) information carriers. It is important to note that storage on alterable media is only permissible if, among others, (i) information integrity is guaranteed, (ii) information storage is time stamped, and (iii) log files etc. are also stored (art. 9 para. 1 let. B GeBüv/Olico).
To the extent legally permissible, individual contracts might also provide for different statutes of limitation.
Data protection law allows processing of personal data (without prior notification) if such processing is legally required (art. 20 para. 1 let. b and art. 31 para. 1 Federal Act on Data Protection [FADP]). Nevertheless, based on the principle of data minimization personal data must be deleted as soon as the purpose of data processing is fulfilled (art. 6 para. 4 FADP). This means that certain personal data might need to be removed from databases if and as soon as they are no longer required. An example is the personnel file of employees that require regular screening and removal of unneeded personal data throughout the employment relationship.
Moreover, individual «risk appetite» might factor in. This can add complexity to the document retention periods. On the one hand, own risk mitigation might qualify as justification for continued processing of personal data based on overriding private interest (art. 31 FADP). On the other hand, records are – alongside witness testimony, inspection, expert opinion, written statements, and questioning – only one of many types of evidence admissible in a court of law (art. 164 Civil Procedural Code [CPC]). Certain facts might be proven by means other than records. Whether or not any other type of evidence can prove the same facts as records is of course case specific.
So for risk mitigation purposes it might be recommendable to keep certain information for longer than the minimum periods stipulated by law. For example, R&D documentation might be kept for the entire lifecycle period of a product group or agreements might be kept for as long as a product or service is offered.
In summary, the following selected storage periods might provide broad guidance; considering, however, colliding individual interests, «risk appetite» for residual risk, and/or individual assessment of the actual (digital) information at hand/on file.
| Document | Period |
| Accounting records, Annual report + audit report | 10 years. |
| Agreements, letters, e-mails, text messages (SMS), online posts (SM), meeting and other protocols, etc. | 5 years, if related to lease/labour. 10 years in general if accounting relevant. 20 years if related to injury/death. Possibly longer for individual risk mitigation or special laws. |
| Tax related information | 10 years in general. 26 years if related to real estate. |
| Employment related information | 5 years for government related information. 10 years for accounting. 20 years if related to injury/death. Possibly longer for individual risk mitigation. |
| Personal data in various documents/databases | Only for as long as required pursuant to the law or contract. Possibly remove personal data «ongoing» from retained documents/databases. |
- 1 Section 1.4.2 VAT Info No. 16 (5.1.2024); tinyurl.com/ybs8zb6v.
- 2 For instance, art. 6 para. 2 Gesundheitsgesetz Kt. Bern (811.01); FMH Code of Conduct.
- 3 The Dispatch of the Federal Council on art. 958f CO (BBl 2008 1589,1704) and some scholars (HK-Lipp 958f N 2; OFK Blum, MWSTG 70, 2. Ed., RZ 21) seem to claim that the annual and audit report must be issued in paper form, i.e. «as original». However, digital annual and audit reports seem acceptable based on the equivalence of hand signatures («ink») and digital signatures based qualified certificates (art. 14 para. 2bis CO) (see specifically Fn. 186 of BBl 2008, 1589,1704).
