Act Now - Data Controller, Processor or Joint Controller: What am I?

The concepts of controller, joint controller and processor play a crucial role in the application of GDPR.

They determine who is responsible for compliance with different data protection rules and how data subjects can exercise their rights in practice.

The precise meaning of these concepts and the criterion for their correct interpretation is the subject of much confusion. Incorrect interpretation can lead to the wrong allocation of data protection responsibilities leading to disputes when things go wrong. This workshop will help both controllers and processors to understand their responsibilities and liabilities under GDPR and how to structure their relationships.

This interactive workshop, led by Kirsty Squires, will explain the key differences between data controllers, joint controllers and data processors and what the roles and responsibilities are for each. By the end of this workshop, you will gain the confidence to decide on what an organisation's role is under GDPR and how to manage your relationship with them.

Key Topics

• Understanding the definitions of controller, joint controller, processor
• Third party recipients and why they are different
• Consequences of attributing different roles
• Relationship between controller and processor
• Drafting and managing processor contracts
• Managing processor relationships
• Managing joint controllers
• Liability for non-compliance
• How does all this apply in practice?
• Latest ICO and EDPB Guidance