Which parties does GDPR concern?
Find out which parties are involved in GDPR compliance, including data controllers, processors, and the rights of data subjects.
GDPR is relevant to data controllers, data processors, and data subjects. Controllers decide why and how personal data is used, while processors handle the data on the controllers’ behalf.
Both have duties to protect this data under GDPR. The individuals whose data is being processed (data subjects) have rights like accessing, correcting, or deleting their data, and even moving it to another service (data portability). In each EU/EEA country, supervisory authorities enforce GDPR and make sure everyone complies.