The buzz about the European Union’s upcoming General Data Protection Regulation (GDPR) is gaining momentum as the Controller and implementation data processing date approaches, i.e. May 25, 2018. One of the most discussed elements of this law are the new guidelines it has established for data controllers and processors. While the GDPR retains some of the obligations that the Data Protection Directive imposes on both parties.
Who is a data processing? What is the definition of a data processor?
In today’s digital world, data collection executive data and storage is more of a norm than an exception. Companies may collect individual data for advertising. Marketing, analytical or research purposes. Whenever a company collects and processes an individual’s personal data, it does so as a controller or processor. In Chapter 1, Article 4 of the GDPR, the two are defined below.
Data Controller vs. Data Processor: Who Does GDPR Affect?
The answer to this is both. Under the Text Services Data Protection Directive 95/46/EC, only data controllers are Controller and responsible for breaches of data protection. However, the EU General Data Protection Regulation (GDPR) will strike a balance. By assigning direct obligations also to data processors. According to Article 83 , in case of non-compliance, fines can be applied to both controllers and processors.