Law Number 27 of 2022 concerning Personal Data Protection (“PDP Law”) distinguishes between personal data controllers and personal data processors. A personal data controller determines the purposes and controls the processing of personal data. A personal data processor processes personal data on behalf of the controller.
Both roles include individuals, public bodies, and international organizations, with their obligations detailed in the second part of Articles 20-50 of the PDP Law.
Be sure to read this #BILLawFact, where we will discuss the different obligations borne by Personal Data Controllers and Processors according to the PDP Law.
If you have any questions or need legal assistance on this topic, feel free to contact us at [email protected].