GDPR Article 24: Responsibility of the controller

All 99 Articles Chapter 4: Controller and Processor

The controller must implement appropriate technical and organisational measures to ensure — and be able to demonstrate — that processing complies with the GDPR. This is accountability in practice.

Read the official text on EUR-Lex

5Principles relating to processing of personal data 25Data protection by design and by default 30Records of processing activities 32Security of processing 26Joint controllers 40–43Codes of conduct and certification

Learn the context

GDPR Key Changes

Practical guidance

The GDPR Compliance Checklist for 2026: A Practical 12-Step Guide

These summaries are a plain-English orientation only and are not a substitute for the official text of the Regulation or for legal advice.

Need to apply Article 24?

Our data-protection lawyers turn the text into a plan.

Talk to a lawyer

Back to all articles

Article 24 — Responsibility of the controller

Related articles