The European Data Protection Board Has Published Guidelines on the Concepts of Controller and Processor Version for Public Consultation

The European Data Protection Board (EDPB) has published Guidelines07/2020 on the concepts of controller and processor in the GDPR version for public consultation. Comments should be sent by October 19, 2020.

The EDPB in the Guidelines Introduction has said: “This document seeks to provide guidance on the concepts of controller and processor based on the GDPR’s rules on definitions in Article 4 and the provisions on obligations in chapter IV .The main aim Is to clarify the meaning of the concepts and to clarify the different roles and the distribution of responsibilities between these actors.”

The Guidelines contains a lot of clarifications and examples. These are quite useful for borderline cases. In addition to that, a flowchart contained in Annex I can help organizations to build a process to determine the nature of the relationship with third parties.

The feedback can be provided through this  link. The Guidelines can be accessed here and the press release here.

Photo by Lukas  from Pexels.