What is Data Controller?
To start with, the data controller plays an important role in GDPR. His main function is to determine the ways of processing personal information. In particular, it controls, reviews, compares and aggregates the data. In other words, he is considered to be an actual beneficiary of personal information. However, there are some cases when the data controller also performs the role of the data processor. It means that he also stores, digitizes, and catalogs all the information. But it happens very rarely only when the company can totally control the information.
It is important to point out that such person is responsible for dealing with the personal info legally. Let’s consider his functions in detail. First of all, the data controller must be able to show that his procedures which are connected with data processing are in the line with the regulation. The next his function is providing users with the ability to exercise their rights that are listed in the text of the regulation. Moreover, it is very significant for the data controller to implement various steps that will promote compliance with GDPR.
If there are any data breaches or possible risk of data privacy violation he must immediately inform the authority about it. Furthermore, every data controller should be able to demonstrate the request where it goes about data subject’s permission for processing his personal information. It should be presented in such a way that everybody will understand and distinguish from other matters. And finally, there is one more function which is not obligatory for all companies – appointing a Data Protection Officer. He is someone who ensures the company’s compliance with the regulation.