The GDPR clearly defines the roles that different organizations have when managing or dealing with personal data. There are two major roles – Controllers and Processors. Controllers are organizations that deal with personal data. Our Customers, including both businesses and individuals, using iZooto classify as Controllers because they collect data, decide what will it be used for, and how will it be used. iZooto plays the role of the Data Processor because iZooto processes this data, provided by the customers, on their behalf.
As Controllers, our customers own their users’ personal data on iZooto. We’re committed to helping our customers meet their obligations under the GDPR. We have already implemented data security processes and controls to make sure that our customers can meet their GDPR obligations. These include: