Article 4 of GDPR defines the different roles of the ‘data controller’ and ‘data processor’.
From a CANDDi perspective, it is important to note that Campaign and Digital Intelligence Limited is a data processor.
No personal data is shared, or synced between client accounts. Any data processed is the property of the Client and remains as such.
Controller – “means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data”
According to article 24, it is the responsibility of the controller to be able to demonstrate the processing is performed in accordance with the regulation.
Processor – “means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller”
According to Article 28 from the EU GDPR, processors should be providing sufficient guarantees to meet the requirements of the Regulation and ensure the protection of the rights of the data subject.