What Is Data Controller?
Data Controller is the entity that determines the purposes and means of processing personal data, and bears primary accountability for it.
Data Controller, the entity that determines the purposes and means of processing personal data, and bears primary accountability for it.
The controller is the decision-maker — it decides why and how personal data is used — and carries the main legal responsibility under data-protection law (GDPR Article 4(7)). In AI, identifying who is the controller for training data, prompts, and outputs is a foundational governance question, because the controller owns the obligations.
Source: GDPR, Article 4(7)
Plain-language explanation
The controller is the decision-maker — it decides why and how personal data is used — and carries the main legal responsibility under data-protection law (GDPR Article 4(7)). In AI, identifying who is the controller for training data, prompts, and outputs is a foundational governance question, because the controller owns the obligations.
Related terms
See where you stand on AI governance
Take the free 7-question maturity assessment and get a personalised action plan.
Free assessment, 3 minutes →