Data controller meaning - is a company or an individual that decides on how to collect, process and use data in compliance with internet privacy laws and regulations.
As per definiton a data controller determines the purpose for which and the means by which data is processed.
Who is a data controller is a equally good question in this case. In other words, the data controller is the person or legal entity that determines the purpose of the processing of personal data and how the data is processed.
In short, the data controller will be the one to dictate how and what data is going to be used.
If you are classed as a data controller, you are responsible for ensuring that you comply with the GDPR and demonstrate compliance with the regulation’s data protection principles.
The data controller is the person (or company) who determines the purposes for which, and the way in which, personal data is processed. By contrast, a data processor is anyone who processes personal data on behalf of the data controller (excluding the data controller's own employees).
Read more about the different GDPR roles
According to Article 24 of the GDPR, controllers have the highest level of responsibility. They must comply with and be able to demonstrate compliance with all GDPR data protection principles. Furthermore, data controllers are also responsible for the compliance of the vendors that process personal data on the controllers’ behalf.
Data controllers must:
These questions can help you determine whether your company is a data controller under GDPR.
Learn more about Privacy Hub →