Data controller is the person or a company who defines the purpose, means and conditions of how personal data is being processed. Data processor processes personal data on behalf of the data controller and is usually external entity from the data controller’s company.