Skip to content

Data controller

The organisation that decides why and how your personal data is processed.

A data controller is the organisation that determines the purposes and the means of processing personal data — in plain terms, the why and the how. Under UK GDPR, the controller carries the main responsibility for handling data lawfully and for responding to your data-rights requests, such as access or erasure. This is general information, not legal advice.

Related guide

Data Subject Access Request (DSAR): how to ask what a company holds on you

Related terms