Data controller meaning - is a company or an individual that decides on how to collect, process and use data in compliance with internet privacy laws and regulations.
As per definiton a data controller determines the purpose for which and the means by which data is processed.
Who is a data controller is a equally good question in this case. In other words, the data controller is the person or legal entity that determines the purpose of the processing of personal data and how the data is processed.
In short, the data controller will be the one to dictate how and what data is going to be used.
If you are classed as a data controller, you are responsible for ensuring that you comply with the GDPR and demonstrate compliance with the regulation’s data protection principles.
The data controller is the person (or company) who determines the purposes for which, and the way in which, personal data is processed. By contrast, a data processor is anyone who processes personal data on behalf of the data controller (excluding the data controller's own employees).
According to Article 24 of the GDPR, controllers have the highest level of responsibility. They must comply with and be able to demonstrate compliance with all GDPR data protection principles. Furthermore, data controllers are also responsible for the compliance of the vendors that process personal data on the controllers’ behalf.
Data controllers must:
These questions can help you determine whether your company is a data controller under GDPR.
Visit our Complaince School and learn about the different GDPR-related terms, including data controller, data processor and data subject, through a series of free video lectures.Watch now
Join our free bi-weekly newsletter focused on news and updates from the legal landscape of data privacy.