
What Is a Data Controller?

A data controller is the entity that determines the purposes and means of processing personal data, and bears primary accountability for it.

Definition

Data Controller: the entity that determines the purposes and means of processing personal data, and bears primary accountability for it.

The controller is the decision-maker — it decides why and how personal data is used — and carries the main legal responsibility under data-protection law (GDPR Article 4(7)). In AI, identifying who is the controller for training data, prompts, and outputs is a foundational governance question, because the controller owns the obligations.

Source: GDPR, Article 4(7)


Related terms

Data Processor
Data Protection Impact Assessment (DPIA)
Purpose Limitation
