Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:

News

Home / News
/
POLISH SUPERVISORY AUTHORITY: EDPB: guidelines on concept of data controller and data processor have been adopted after the consultation

POLISH SUPERVISORY AUTHORITY: EDPB: guidelines on concept of data controller and data processor have been adopted after the consultation

During the 51st plenary section which was held on the 7th of July 2021, the EDPB has adopted, after a public consultation, the final version of the guideline n. 7/2020 on concepts of data controller and processors pursuant to the GDPR. 

The document is composed of two main parts: the first one has the purpose to clarify concepts of “data controller”; “subcontroller”; “processor” and “third party” and the second one describes consequences of the attributions of different roles in the personal data processing. 

The guideline also introduces a diagram which provides additional practical settings and helps actors in understanding the above mentioned concepts. 

After the public consultations ended in October 2020, the Board has kept in mind some comments and has prepared a new versión of the document, by introducing additional clarifications on questions like: the distinction between key ways/not essential (the so called “unessential/essential ways), the designation of joint controllers pursuant to the legislation, the situation inside a group of society, joint governance against “shared benefits”, cloud services and unbalance of power, costs of verifications, role of data protection officers and personal data protection breach.

eppb_guidelines_202007_controllerprocessor_final_en

SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELLA POLONIA – UODO

Recommended to you

Advanced Research