Understanding GDPR Data Controller in 5 easy steps

by | Mar 2, 2021 | Business, Security | 0 comments

Understanding GDPR Data Controller

By now most of have heard of the General Data Protection Regulation (GDPR). But in case you’ve been carefully avoiding the news since 2017, it’s a law put in place by the EU which strengthens the protection of citizens’ data.

GDPR has brought with it some very stringent penalties for non-compliance. And if your business isn’t yet compliant, you could be at risk of an astronomical fine, as well as lasting brand damage.

The UK’s Information Commissioner’s Office (ICO) collected the second-highest total value of fines for data protection violations last year, with businesses paying up €43,901,000 (roughly £39.7 million) for breaching GDPR.

ITPRO

However, putting GDPR into practice raises some really big questions. Who is liable in the event of a breach? What is a GDPR data controller?  And who is the GDPR data processor? Let’s take a look at each in turn.

1) What is GDPR?

Before we understand the role of a GDPR Data controller, we need to tackle what GDPR is. To put it In simple terms,  GDPR forbids the misuse of EU citizens data. And it applies whether your company is based in the EU or not.

2) Who is the GDPR Data Controller?

The ‘GDPR data controller’ is the organisation that decides how and why customers personal data is processed. In other words, it’s usually your business. You collect and control the data but, crucially, you don’t necessarily have to hold or process it. However, even if you don’t process it yourself, you’re still responsible for how it is used, stored and deleted.

3) What are the GDPR Data Controller’s responsibilities?

Under GDPR Data Controllers are obliged to:

  • Protect personal data against compromise or loss by implementing strict technical and organisational measures to secure data
  • Have a legal agreement with your processors to ensure they only act on your instructions and comply with GDPR

4) Who is the GDPR Data Processor?

A data processor, on the other hand, is the company or person who processes personal data on behalf of the controller. To give a few examples, it could be your data storage provider, payroll company, accountant or marketing agency.

5) What are the GDPR Data Processor’s responsibilities?

Under GDPR, data processors have a lot more responsibilities, including:

  • Appointing a Data Protection Officer if their business processes sensitive or ‘big’ data
  • Responsibility for implementing significant security measures
  • Maintaining a record of all data processing operations under their responsibility
  • Inform the data controller(s) immediately of any leaked data
  • Become a joint controller for any data processing they carry out beyond the scope of the controller’s instructions

In Summary

GDPR has changed the way we process and control data.  And understanding your role as a data controller, processor or both is crucial – both to avoid legal hot water and protect your customers.

Are you looking to get GDPR-compliant and improve your cybersecurity but not sure where to begin? Start by getting certified in Cyber Essentials, the UK government scheme that covers all the fundamentals of cyber hygiene.

If you are interested in easy Cyber Essentials and GDPR certification

Get In Touch

Related Posts:

0 0 votes
Article Rating
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments

Managed Web Services

Covering Margate, Broadstairs, Ramsgate, Westgate, Birchington,Minster, Manston &  surrounding postcodes in Thanet and Kent.

Contact

Kent Innovation Center
Millennium Way
Broadstairs
Kent
CT10 2QQ

Tel: 01843 808480

 

Reviews from Google

  • Worked with Russ for a good six months now and coming from a classic 'non techie' he has actually taught me a thing or two! Communication excellent and all issues... read more

    Medical Aesthetics Knutsford Avatar Medical Aesthetics Knutsford
    April 28, 2022

  • Just wanted to say a big thank you to Russ for his continued knowledgeable, professional and friendly service. I always receive a quick response with easy to understand information. Thank... read more

    V Humber Avatar V Humber
    October 15, 2019

  • Russ is highly professional, delivers very high quality work on time . I would highly recommend him.

    Kim Barrow Avatar Kim Barrow
    January 19, 2020

  • Great work when helping me with some wordpress and SEO issues on my site! Plan to use again 🙂

    josh juniper Avatar josh juniper
    July 28, 2022

  • Russ have create my website and i am very happy ....he have help even create a fly for my business and few ads on facebook plus all the hard work... read more

    Carmine Sozio Avatar Carmine Sozio
    July 16, 2019

  • Russ is great to work with, definatley knows his stuff and has become our go to IT man. Highly recomended .

    Elliot Higgins Avatar Elliot Higgins
    August 22, 2019

  • Russ is our go-to guy for all things technical. He knows things inside and out. He's also friendly and patient.

    Jordan Bledsoe Avatar Jordan Bledsoe
    March 31, 2023

  • Great service, Russ was patient and responsive despite some hoops we had to jump through. Would recommend.

    Marion Avatar Marion
    April 28, 2022

  • Great work, was very quick and professional. Highly recommend Russ's services!

    Farai Macheka Avatar Farai Macheka
    February 22, 2021

  • Top notch services! We have worked with Russ on a few projects now and him helping us out has been like having a dedicated IT & Web Support... read more

    Farai Macheka Avatar Farai Macheka
    May 28, 2023
0
Would love your thoughts, please comment.x
()
x
Share This