Expert Advice Community

Guest

Data privacy

  Quote
Guest
Guest user Created:   Oct 03, 2022 Last commented:   Oct 09, 2022

Data privacy

What are our data security and privacy responsibilities when we use multiple providers to connect for user WEB experience? Data collected from those partners will be owned by those partners but we store to share it with other partners based on that experience? Are we a controller, processor, or joint controller? Maybe can provide any links which would help us to understand more

0 0

Assign topic to the user

EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Tudor Galos Oct 09, 2022

According to Article 4 GDPR – Definitions, a Data Controller means “the […] legal person, […] which, alone or jointly with others, determines the purposes and means of the processing of personal data” while the Data Processor means “a […] legal person […] which processes personal data on behalf of the controller”. The basic difference between the controller and the processor is that the controller has a large degree of autonomy in how it determines the processing operations and purposes for processing, while the processor has almost no autonomy – it processes the personal data according to the controller’s requests.

If you want to be a Data Processor, you should ensure logical separation of customers’ environments, full customer control on their tenants, ability to download/ delete their data, etc. You could allow your customers to connect to other providers via your ecosystem, whether your providers are controllers or processors (for your customers) or subprocessors (for your customers, but subcontracted by you).

If you want to perform telematics on customer data (such as recording performance data in order to improve your ecosystem), you might become a joint controller in the relationship with your customers.

At Advisera we have an EU GDPR Documentation Toolkit that can help you on your journey to becoming GDPR-Compliant using a step-by-step approach. It contains 39 document templates – unlimited access to all documents required by GDPR, access to video tutorials, email support, expert review of a document, and one hour of live one-on-one online consultations with a GDPR expert. It contains templates for Supplier Data Processing Agreements that you can use with your suppliers or with your customers, an International Personal Data Transfer Procedure as well as guidelines on how to fill the Standard Contractual Clauses needed for personal data exports outside of the European Union.

Please also consult these links:

Tudor Galos
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Oct 03, 2022

Oct 09, 2022

Suggested Topics