Data Controller

< Back
You are here:

A data controller is any person, authority organisation or other body which either on its own or jointly with another party determines the purposes and means of processing personal data.  In simple terms, the controller is responsible for ensuring the control of the personal data.

Relationships with Data Processors

When a controller passes on responsibility for processing to a data processor it will retain control through the contract that it puts in place to manage this relationship. 

Relationships with Joint Controllers

If the controller shares this responsibility jointly with another controller then it is advisable that a contract is in place (but not mandatory), but there should be a data sharing agreement in place to ensure that the data subject’s have complete transparency surrounding the relationship and the processing of their data.

An example of a Joint Controller might include the relationship between a franchisor and its franchisee, where processing of data is shared across platforms and responsibilities.

Relationships with Controllers in Common

There are circumstances where multiple controllers process data and a contractual agreement does not exist, for example an employer sharing personal tax details with a tax authority.  In these cases the statutory obligation overrides and it is unlikely that any further due diligence would be undertaken.

Mark Roebuck

Mark Roebuck

Building a career around data led programme management Mark recognised that existing data compliance solutions were complex and difficult for clients to use. Frustrated with the options he founded ProvePrivacy to provide an effective and simple to use data protection compliance solution.

Copyright:  All information and articles provided represent the views of ProvePrivacy Limited and our contributors.  They do not constitute legal or data protection advice. All rights reserved.

You Might Also Like