SupportSync: Controller and Processor
Article 4 of the GDPR defines unique roles for "data controllers" and "data processors" and applies to both. The data controller is defined as "the natural or legal person,
public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data".
The data processor is defined as: "a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller".
SupportSync is both a data controller and data processor. For example, if XYZ Tablets uses SupportSync to create and track product returns for their end-users,
XYZ is the data controller and SupportSync is the data processor. SupportSync is also a data controller, however, as we determine how the personal data of our customer,
XYZ Tablets, is used, specifically for accounting, support and subscription purposes.