Determine whether your organisation processes personal data as a data controller or data processor.
A controller determines the purposes and means of processing personal data; a processor is responsible for processing that data on a controller's behalf.
A processor is required to maintain records of personal data and processing activities and has legal liability if he or she is responsible for a breach.
Controllers must ensure that their contracts with processors are in compliance with the General Data Protection Regulation (GDPR).
Designate someone to take responsibility for data protection compliance and decide if that person should be formally designate as a Data Protection Officer (DPO).
This content requires a Croner-i subscription.
Existing subscriber? Log in
Contact us to discuss your requirements.
0800 231 5199
Croner-i is the trusted source of expert guidance and time-saving tools.