- GDPR definitions of controller and processor—how they apply to UK organisations and staff
- How does the GDPR (and the definitions of controller and processor) apply to unincorporated associations, partnerships and other bodies without legal personality or government departments?
- How do the definitions of controller and processor apply to individual staff? How do they apply to the following when they process personal data or help determine the purposes or means of processing for a controller or processor?
- Employees of the relevant controller or processor
- Natural personal under contracts for services (eg consultants) with the relevant controller or processor
- Consultants to the relevant controller or processor contracted through a legal entity (eg via their own consulting company)
- Are there any areas of uncertainty in relation to the above?
Information Law analysis: How should ‘natural or legal person, public authority, agency or other body’ in the General Data Protection Regulation’s (GDPR) definition of controller and processor be interpreted in a UK context and how do the concepts apply to staff? Jon Baines, data protection advisor at Mishcon de Reya, considers how the definitions of controller and processor under the GDPR will apply for the UK.
Sign in or take a trial to read the full analysis.
To continue reading this news article, as well as thousands of others like it, sign in to LexisPSL or register for a free trial