This document seeks to provide guidance on the concepts of controller and processor based on the GDPR’s rules on definitions in Article 4 and the provisions on obligations in chapter IV. The main aim is to clarify the meaning of the concepts and to clarify the different roles and the distribution of responsibilities between these actors.
Norway DPA publishes statement on X’s use of data for AI training
X has resumed processing EU/EEA users' posts for AI training, requiring users to opt out to protect their personal data.