Scope as a data controller
Hi, so I want to ask that we are a UK based company with office in asia, who provide saas solutions. Now in terms of the products that we offer we shall be a data processor. I am still not clear on our responsibility of data where we would be acting as a data controller, for example we would be acting as DC for
1. our employee data
2. any data we gather through cookies
3. contact information gathered through contact us forms on our website
4. supplier data (if any is based in uk or EEA)
5. customer data in regard to sales and contracts (incase we have european or uk based customers)
Is this correct ?
Assign topic to the user
Yes, it is correct, you listed the cases in which your company will act as a data controller. In these cases, in fact, you decide the purpose and means of data processing: the management of the employment relationship, your website, the relationship with your clients, and your suppliers. On the contrary, your app provides a service that other companies (your clients) will use, so all data that you will collect and process through your SaaS will be processed on behalf of your clients, which is the definition of a data processor.
As a data controller, you are responsible for fair, transparent, and correct data processing, you need to provide information about your processing, collect consent and guarantee that data subjects can exercise their rights. You need to comply with all obligations that the GDPR requires the controller to comply with as stated in Article 24 GDPR.
Here you can find more information about the distinction between the data controller and data processor:
- EU GDPR controller vs. processor – What are the differences? https://advisera.com/eugdpracademy/knowledgebase/eu-gdpr-controller-vs-processor-what-are-the-differences/
If you want to learn how to comply with EU GDPR requirements you may consider enrolling in our free training EU GDPR Foundations course: https://advisera.com/training/eu-gdpr-foundations-course//
Comment as guest or Sign in
Apr 14, 2021