A data controller is a person or organization that determines the use of personal information. The role of the data controller can be shared by many people or organizations.

Rights and responsibilities of data controllers include:

  • establishing a lawful data process and observing the rights of Data subject s (including collecting data subject Consent s and requests)
  • issuing instructions on data processing (including appointing employees to serve as point of contact) for the Data processor – the data processor should handle data exclusively in the manner prescribed by the controller.

Read more about data controller on the Piwik PRO blog and in the resources section:


  • What is considered protected health information (PHI) under HIPAA? A guide for healthcare marketers

    Quick summary What PHI is: Any individually identifiable health information created, received, maintained, or transmitted by a covered entity or its business associates Who it applies to: Healthcare providers, health plans, healthcare clearinghouses, and their business associates Why it matters for marketing: Marketing tools that collect or transmit PHI without a BAA create HIPAA compliance…

  • We checked 59 hospital websites. 73% kept tracking visitors after opt-out.

    A new study by Piwik PRO and Verified Data scanned 59 major US hospital and clinic websites for tracking and data compliance. The findings show just how common it is for major US healthcare websites to run marketing tools that weren’t built for a regulated environment. What we actually found Across the 59 scanned sites,…