We've been asked "What is a 'data controller' or a 'data processor' under GDPR?" And "How is a GDPR data processor different from a GDPR data controller?? And even "Can a company be both a data processor and a data controller at the same time under the EU General Data Protection Regulation?" Here are the answers.