Start a conversation

What is the difference between Data Processor and Data Controller?

This distinction is important for compliance and here are the exact definitions of each role:

Data Controller

A company/organisation that collects people’s personal data and makes decisions about what to do with it. So if you’re collecting personal data and are determining how it will be processed, you’re the Controller of that data and must comply with applicable data privacy legislation accordingly.

Data Processor

A company/organisation that helps a controller by “processing” data based on its instructions, but doesn’t decide what to do with data. A controller is the entity that determines the purposes, conditions and means of the processing of personal data, while the processor is an entity which processes personal data on behalf of the controller.

Choose files or drag and drop files