A controller is the entity that determines the purposes, conditions and means of the processing of personal data, while the Data Processor is an entity which process personal data on behalf of the controller. To better understand the difference, please refer to the following Data Processor Checklist or Data Controller Checklist.