Chapter 5

Data Controllers and Data Processors

IN THIS CHAPTER

Bullet Defining controllers, joint controllers, processors, and subprocessors

Bullet Digging into the obligations and liabilities of controllers and processors

To fully understand the GDPR, you need to grasp the meaning behind the concepts of the data controller, data processor, joint controller, and subprocessor. This chapter defines what each of these terms means and explains their obligations and the relationships between them.

You must know which role you’re assuming in relation to each of your processing activities, because obligations under the GDPR differ and sometimes overlap, according to whether you’re a data controller, a joint controller, or a processor.

Remember You can be a data controller and a data processor at the same time for different processing activities, although you cannot be a controller and a processor in relation to the same processing activities. For example, if your business is a cloud hosting provider, you would be a data controller in relation to the contact data (personal data) about each of your clients, and you would be a data processor in relation to the personal data contained within the content that you ...

Get GDPR For Dummies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.