GUIDELINES BY THE EDPB ON THE CONCEPTS OF CONTROLLER AND PROCESSOR IN THE GDPR
The European Data Protection Board (“EDPB”) adopted the guidelines on the concepts of controller and processor in the GDPR on 2.09.2020.
The concepts of controller, joint controller and processor play a crucial role in the application of the General Data Protection Regulation, they determine who shall be responsible for compliance with different data protection rules, and how data subjects can exercise their rights in practice. These guidelines seek to provide guidance on the concepts of controller and processor based on the GDPR's rules on definitions. In the guidelines, you can find the clarified meanings of the concepts, the different roles and how to distribute responsibilities between these actors.
In the guidelines, all concepts are explained with examples from different business lines and also a flow chart is included at the end of the guide. This makes it easier to grasp and position the correct meanings of the concepts.
Finally, it should be noted that the EDPB welcomes comments on the guidelines via the form on the website until October 19, 2020.
You can read the full text of the guideline here.
Should you have any queries and/or remarks, please do not hesitate to contact us.