Online or Classroom

Every course purposefully designed

Data Controller, Processor or Joint Controller: What am I?

The concepts of controller, joint controller and processor play a crucial role in the application of GDPR.

They determine who is responsible for compliance with different data protection rules and how data subjects can exercise their rights in practice.

The precise meaning of these concepts and the criterion for their correct interpretation is the subject of much confusion. Incorrect interpretation can lead to the wrong allocation of data protection responsibilities leading to disputes when things go wrong. This workshop will help both controllers and processors to understand their responsibilities and liabilities under GDPR and how to structure their relationships.

This interactive workshop, led by Kirsty Squires, will explain the key differences between data controllers, joint controllers and data processors and what the roles and responsibilities are for each. By the end of this workshop, you will gain the confidence to decide on what an organisation's role is under GDPR and how to manage your relationship with them.

Key Topics

  • Understanding the definitions of controller, joint controller, processor
  • Third party recipients and why they are different
  • Consequences of attributing different roles
  • Relationship between controller and processor
  • Drafting and managing processor contracts
  • Managing processor relationships
  • Managing joint controllers
  • Liability for non-compliance
  • How does all this apply in practice?
  • Latest ICO and EDPB Guidance

Dates & Cost

Online

£399 plus VAT

Classroom

£449 plus VAT

Timings: 10am to 4pm

 
Date: 11 Dec 2024
Location: Online
Date: 19 Feb 2025
Location: Online
Date: 09 May 2025
Location: Online
Date: 05 Aug 2025
Location: Online
Date: 27 Nov 2025
Location: Online

Course tutors

All our associates are experienced information governance professionals who have been training and advising in this field for many years.

  • Philip Jones

    Course Tutor


    Philip has 40 years of information management experience in the public and private sectors both as a practitioner and at a senior management level. He was Head of Information Governance at Staffordshire Council. Philip holds a masters degree in information management and an MBA. He is a senior associate for Act Now and Chair of the Exam Panel.

  • Scott Sammons

    Course Tutor


    Scott is an information governance specialist with over 15 years of experience. He has delivered a number international projects for Act Now Training and is a senior tutor on the Advanced Certificate in GDPR Practice. His previous roles include European Data Protection Lead for a bank and GDPR Implementation lead for a council. He is a former Chair of the IRMS.

  • Susan Wolf

    Course Tutor


    Susan holds a judicial position as a Fee Paid Member of the Upper Tribunal (Information Rights). She spent ten years teaching the LLM in Information Rights Law at Northumbria University and developed their Postgraduate Certificate in Data Protection Law and Information Governance. Susan is one of the senior curriculum developers for Act Now Training.

  • Lynn Wyeth

    Course Tutor


    Lynn is the Head of Information Governance for a large local authority and has over 20 years of experience as a practitioner. She holds a post graduate diploma in Information Rights, the CISMP certificate and is an accredited HSCIPP privacy practitioner. She is the author of two books and is currently undertaking a PhD. Her experience is across GDPR, FOI and RIPA.

  • Iain Harrison

    Course Tutor


    Iain is currently an Information Governance Risk Manager for a large local authority and has over 20 years of experience. He has been delivering training for Act Now for over 7 years in GDPR and FOI for public, private and charitable organisations. His extensive experience in planning and implementation of Information Rights legislation allows him to bring training sessions to life.

  • Kirsty Squires

    Course Tutor


    Kirsty is currently a DPO for a number of local authorities and has over 15 years of experience in Data Governance. She has led the IG Project Team on transformation projects to deliver local government restructure in Northamptonshire, dealing with issues including information sharing, data protection by design and leading on training and policy development.

  • Naomi Matthews

    Course Tutor


    Naomi is a local authority lawyer and holds a judicial position as a Fee Paid Member of the Upper Tribunal (Information Rights). She has extensive experience in all areas of information compliance and RIPA. Her training has been commended by RIPA inspectors and her advice has helped many local authorities understand the law and practicalities of covert surveillance.

  • Suzanne Ballabás

    Course Tutor


    Suzanne Ballabás, is a privacy professional with over ten years of practical experience in implementing privacy practices across various international organisations, in addition to acting as a compliance officer for multiple regulated entities within the UAE’s financial districts of DIFC and ADGM.

  • Olu Odeniyi

    Course Tutor


    Olu Odeniyi is a Cyber Security, Information Security and Digital Transformation Trusted Advisor who has 30 years' experience helping organisations maximise gain from technology solutions, including optimisation of business operations and processes. During this time, Olu held several key senior leadership, strategic and operational positions, in the public and private sectors.

  • Robert Bateman

    Course Tutor


    Robert Bateman is a trainer and writer specialising in privacy, data protection, security, and AI. He is a respected voice on privacy and has been writing, researching, and leading conversations in the field since 2017.

  • Craig Geddes

    Course Tutor


    Craig is a qualified archivist and records manager, with 28 years experience working across the range of information governance activities. He has worked for several Scottish local authorities as Archivist, Records Manager, and Senior Information and Improvement Officer.

What our clients say about us

    I would highly recommend the GDPR Practitioner Course. The Tutor was extremely knowledgeable and gave plenty of chance for group conversation or individual questions. A great course for anyone wanting to expand their knowledge of GDPR and understand putting the principles into practise.
    SL, BCH

    I would highly recommend the GDPR Practitioner Course. The Tutor was extremely knowledgeable and gave plenty of chance for group conversation or individual questions. A great course for anyone wanting to expand their knowledge of GDPR and understand putting the principles into practise.
    SL, BCH

    I learned so much! The course was just the right balance of theory and practical, and was very well delivered.
    CB, CHAS

    The course was very useful as an IG Officer. The trainer was knowledgeable and explained some complex aspects of the legislation using interesting examples and real life scenarios. As a refresher, even with lots of work experience behind me, it was very useful to undertake the Practitioner course. The course materials and handbook are invaluable and I know I will re-use them in conjunction with my usual resources.
    NC, Lincolnshire County Council

    A very practical and all-encompassing coverage of the UK GDPR provided over 4 days. Although 4 days is not enough time to cover this whole subject in depth, there was just enough covered with further resources and links provided within the sessions to cover all aspects of the GDPR to a level at which I now feel a lot more confident in my role. Thank you, Kirsty!
    SW, Norwich University of the Arts