What is the difference between a data processor and a data controller?

GDPR defines two types of users of data: Controllers and Processors. Controllers are the firm that is in charge of determining how data should be treated. Processors are the firms that conduct processing. GDPR does not allow for controllers to assign any responsibility to processors and leave the controller risk free. Ultimately, Controllers are responsible for their all requirements. GDPR considers data processing to include data retention, use, dissemination, backing-up, and deletion of data. What firms need to understand is that any time that you have data or use it in any meaningful sense, you should expect that to be processing