Back to all glossary articles

Data controller

A data controller is a person or organization that determines the use of personal information. The role of the data controller can be shared by many people or organizations.

Rights and responsibilities of data controllers include:

  • establishing a lawful data process and observing the rights of Data subject s (including collecting data subject Consent s and requests)
  • issuing instructions on data processing (including appointing employees to serve as point of contact) for the Data processor – the data processor should handle data exclusively in the manner prescribed by the controller.

Read more about data controller on the Piwik PRO blog and in the resources section:

  • HIPAA-compliant analytics for healthcare systems: How hospital marketing teams can measure what matters

    Patients now research symptoms, compare providers, and book appointments entirely online before ever contacting a hospital. Healthcare marketers need to adapt to digital-first patient journeys, run campaigns for numerous service lines, manage hospital marketing analytics across multiple locations, and prove ROI to administrators. For nonprofit hospitals, the picture is broader still — donation tracking is…

  • Privacy by design in practice: How “just enough” data beats “just in case” collection

    While collecting more data “just in case” feels safer, according to Matt Gershoff, it’s also one of the biggest sources of unnecessary compliance risk, analytical noise, and wasted organizational resources in the analytics industry today. His approach of “just enough” data collection is more intentional, more aligned with privacy regulation, and often more analytically effective.

Other definitions

Recent posts from Piwik PRO blog