1. UK Data Protection Law
  2. Legislation (UK)
  3. Acts
  4. 2018
Date-stamp loading
  1. Data Protection Act 2018 (c. 12)
  2. Part 2 General processing (ss. 4-28)
  3. Chapter 2 The UK GDPR (ss. 6-20)
  4. Meaning of certain terms used in the UK GDPR (ss. 6-7)
  5. 6. Meaning of "controller"
Previous Next
Version status: In force | Document consolidation status: Updated to reflect all known changes
Version date: 31 December 2020 - onwards
  Version 3 of 3    

6. Meaning of "controller"

(1) The definition of "controller" in Article 4(7) of the UK GDPR has effect subject to -

(a) subsection (2),

(b) section 209, and

(c) section 210.

(2) For the purposes of the UK GDPR, where personal data is processed only -

(a) for purposes for which it is required by an enactment to be processed, and

(b) by means by which it is required by an enactment to be processed,

the person on whom the obligation to process the data is imposed by the enactment (or, if different, one of the enactments) is the controller.

Comparing proposed amendment...
Previous Next