Back to all glossary articles

Data processor

A data processor is a person or organization that processes personal data on behalf of a data controller. Their role should be regulated in a so-called Data processing agreement (DPA) signed between the data controller and data processor.

Among other things, the data processor:

  • must have adequate information security measures in place
  • shouldn’t engage sub-processors without the prior consent of the controller
  • must cooperate with the authorities in the event of an enquiry
  • must report data breaches to the controller as soon as they become aware of them, without undue delay
  • may need to appoint a mandatory Data protection officer
  • must give the Data controller the opportunity to carry out audits examining their GDPR compliance
  • must keep records of all processing activities
  • must comply with EU transborder data transfer rules (if necessary)
  • must help the controller to comply with Data subject ’ rights (including the processing of data subject requests)
  • must assist the data controller in managing the consequences of data breaches
  • must delete or return all personal data at the end of the contract as requested by the controller, and
  • must inform the controller if the processing instructions infringe GDPR

More about Data Processor on Piwik PRO blog:

  • Navigating the Norwegian E-Com Act 2025: How it Impacts Web Analytics and What Steps You Should Take

    The Norwegian Electronic Communications Act, commonly known as the E-Com Act, is a fundamental legislation governing electronic communications targeting Norwegian audiences.  As of January 1, 2025, significant amendments have been introduced, particularly concerning cookie guidelines and user data collection.  These changes aim to enhance user privacy and align Norway’s regulations with broader European standards, such…

    Read more

  • Customer Data Platform is now available for all Piwik PRO users

    The Core plan for Piwik PRO Analytics Suite now includes a Customer Data Platform (CDP). Our CDP is designed for businesses of all sizes, offering the opportunity to explore its capabilities without any initial investment and the flexibility to grow alongside your business needs.  With Piwik PRO Core, you can use an all-in-one integrated data…

    Read more

Other definitions

Recent posts from Piwik PRO blog