Data Processor


Data Processor is the entity that processes data for on behalf of the Data Controller.

Data Processor is any agent that accepts data as input and generates output data, possibly generating some side effects.

Data Processor General Data Protection Regulation#

Data Processor is the Legal Person that processes Personal data for on behalf of the Data Controller.

Data Processor's Responsibility with the Data Controller MUST be specified in a contract or another legal act.

For example, the contract MUST indicate what happens to the Personal data once the contract is terminated. A typical activity of processors is offering Information Technology solutions, including Cloud Data Store. The data processor may only sub-contract a part of its task to another processor or appoint a joint processor when it has received prior written Authorization from the Data Controller.

There are situations where an entity can be a Data Controller, or a Data Processor, or both.

Data Processor, under Data Protection Directive and GDPR, are completely responsible for "lawful' handling of Personal data. GDPR makes also make Data Processor accountable

Data Processors must:

Violations by Data Processor can be fined up to 10M Euro ($11,603,700.00) or 2% of global revenue whichever is greater.

data processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

Data Processor, under General Data Protection Regulation definitions, is NOT a third-party

More Information#

There might be more information for this subject on one of the following: