Data Processor

A data processor is an entity that processes personal data for a data controller, following the controller's instructions. Data processors can be individuals, businesses, public authorities, or other legal entities.

Here are some responsibilities of a data processor:

Data security

Data processors must ensure that the data is secure and confidential.

Compliance

Data processors must ensure that their processing complies with the General Data Protection Regulation (GDPR).

Data subject rights

Data processors must ensure that the rights of data subjects are protected.

Data processor agreement

Data processors must enter into a data processor agreement with the data controller.

Data processors can include:

Calculators

Computers

Cloud service providers

Third-party companies, such as payroll or email marketing companies

Call centers

Data processors are different from data controllers, who are the entities that decide how and why to collect and process data. Data processors are contractually bound to follow the instructions of the data controller.