Data Processor

What Data Processor means

A data processor is an entity that processes personal data on behalf of and under the instructions of a data controller. In the advertising ecosystem, various entities act as processors — marketing agencies handling client data, analytics providers processing user data, and in some scenarios, ad platforms themselves. GDPR requires a formal Data Processing Agreement (DPA) between controllers and processors, specifying data handling obligations, security requirements, sub-processor management, and breach notification procedures. Processors must only process data according to controller instructions, implement appropriate security measures, assist with data subject rights requests, and maintain records of processing activities. Misclassifying controller-processor relationships is a common compliance failure.