GDPR Glossary

What is Data processor?

GDPR Glossary Also known as: processor

A third party that processes personal data on behalf of, and under the instructions of, a data controller.

A data processor processes personal data on behalf of a controller and only on the controller's documented instructions. Cloud hosts, payroll providers, email platforms and analytics vendors are typical processors.

Processors have direct obligations too — security, sub-processor controls, breach notification to the controller, and a written contract (a Data Processing Agreement) under Article 28.

In the Regulation

Related terms

Need this applied to your business?

Our data-protection lawyers turn GDPR terms into a working plan.

Get advice