More than two years after the GDPR came into force, the European Data Protection Board (the “EDPB”) finally published its long-awaited draft guidelines on the concepts of controller and processor on 7 September 2020. Prior to this date, UK organisations only had the relatively limited guidance set out on the ICO website and the old … Continue reading NEW EDPB GUIDELINES ON THE CONCEPTS OF CONTROLLER AND PROCESSOR – SEVEN PRACTICAL TAKEAWAYS