The following are the key stakeholders in GDPR:

  • Data Subject: Any individual who constitutes the subject of the personal data
  • Data Controller: An individual who establishes the purpose and methods of processing the personal data. This can be a legal or natural person, a public agency or authority which can work either individually or in tandem
  • Data Processor: This is an individual who processes personal data in place of the Data Controller. It can include a legal or natural person, public agency, authority or any other body
  • Joint Controllers: This constitutes two or more controllers who work in concord to establish the purpose and means of processing the personal data
  • Representative: A natural or legal person from the European Union who has been elected by the controller or processor to represent these two with respect to carry out their respective commitments
  • Sub Processor/Third Party: Refers to someone who is a natural or legal person, agency or body, or public authority, excluding the data controller, processor, subject, and persons. Such an individual is under the direct influence of the data controller or processor and is authorized to process personal data
  • Supervisory Authority: An independent public authority who has been appointed by any of the Member States of the European Union to continually keep checking that the laws are applied wherever applicable

If you still have unanswered questions regarding GDPR or data privacy, you can reach out to us at [email protected]

Did this answer your question?