Controllers and Processors - Handling the Relationship


This eLearning training course is made available 'on-demand', providing flexibility to learn around your existing commitments

All eLearning courses are facilitated via a dedicated online eLearning platform utilising videos, supplementary documentation and self-assessment questions. To place a booking, select the 'eLearning' option from the 'Make a Booking' Button


Course Overview:


When a controller appoints a processor, both the controller and processor have obligations under data protection law.

A controller may only use processors providing sufficient data protection guarantees, and remains responsible for compliance with the data protection principles in relation to a processor's use of data. The processor must follow the controller's instructions in relation to such use, and has additional direct responsibilities to put in place specific data protection measures. The controller and processor must each ensure that there is an appropriate contract between them.

There is variation in the approach taken by controllers and processors in applying these rules (for example in relation to the processing contract), and there are challenges over some of the trickier aspects of compliance (for example in relation to sub-processors and international data transfers).

This course is designed for both controllers and processors to gain a thorough understanding of the rules and how to apply them. It also provides detailed guidance on how to manage the controller/processor relationship in practice. The course includes:    

  • The obligations of the controller and of the processor
  • The rules on appointing processors
  • A detailed examination of the contract between controller and processor
  • How to manage the relationship in practice
  • What to do when there is a personal data breach
  • The rules relating to sub-processors
  • International considerations regarding controllers and processors

It is recommended that delegates attending this session have a solid knowledge of general data protection legal requirements. Delegates with no existing knowledge may find it helpful to attend Data Protection Essential Knowledge - Level 1 and Data Protection Essential Knowledge - Level 2 before attending this training course.


Course Trainer

Olivia Whitcroft, Solicitor

Olivia Whitcroft,

Trainer's biography
and other courses
by this Trainer

Course Information

Delivered via dedicated 'on-demand' online platform

eLearning session - £395 plus VAT
Discounts available:

-20% discount for additional delegates booked together (up to 5)
- Group Licences available

Who should attend:
Data Protection Officers, Information Officers, Compliance Officers, In-house Lawyers, Company Secretaries, Risk Management Officers, IT Managers, Information Security Officers and others (private or public sector)


Practitioner Certificate in Data Protection




View training courses by:

Free Sample Article

Course Testimonials

“The course was very good. The eLearning platform was easy to use.”
David Lockyer
Bevan Brittan LLP

“Very practical and relevant eLearning course. Well delivered and easy to follow.”
Jeff Tate
Government of Jersey

“I have to say, the quality of the eLearning content and it’s presentation is very impressive. Added to that, the great support you provide means I’ll certainly be coming back for more (I’ll be booking another course before the end of the month).”
Joseph Durrant-Riley
Alzheimer’s Research

“The on-line training experience was very good! I liked the ability to go back and re-read the chapters, including the video presentations.”
Victoria Spurdle
Phoenix Medical

“Excellent course! Sets out clearly the responsibilities. Questions were a really good way to test understanding. Liked blend of video and reading material.”
Alun Howells
Companies House