The definition of personal data can be found in both the Swiss DSG and the GDPR.

The GDPR describes personal data as “any information relating to an identified or identifiable natural person (hereinafter “data subject”); identifiable is a natural person who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more special characteristics that express the physical, physiological, genetic, psychological, economic, are the cultural or social identity of that natural person.”

According to ECJ case law, personal data also includes IP addresses if there is a “legal” possibility of identification. This means that as soon as the operator of a site can request the release and identification of the connection owner based on the IP from an Internet service provider as part of a procedure, this criterion is met.

The relevant judgment in Patrick Breyer vs. the Federal Republic of Germany can be found here.

In Switzerland, dynamic IPs are also regarded as personal data if there is a legal possibility of identification, as in the Federal Supreme Court ruling in matters Logistep AG was identified.

According to the GDPR, the term “personal data” includes any information relating to an identified or identifiable natural person. An identifiable person is someone who can be identified directly or indirectly by reference to an identifier such as a name, identification number, location data, or online identifiers.
The Swiss Data Protection Act (DSG) defines the term “personal data” in a similar way. It includes all information relating to a specific or identifiable person. This includes not only direct identifiers, such as names or identification numbers but also information that can be used to identify or determine an individual, such as location data or other specific characteristics.
One important difference, however, is that Swiss data protection law contains some specific provisions and exceptions that may differ from those in the GDPR. These differences include the processing of personal data for specific purposes and the transfer of personal data abroad.