---
title: "Chapter 4 (Art. 24 – 43) – Controller and processor"
url: "https://prighter.com/resources/laws/gdpr/chapters/chapter-4"
type: "Chapter"
date: "2025-10-15T14:24:46.261Z"
---

# Chapter 4 (Art. 24 – 43) – Controller and processor

## Articles

- [SECTION 1: General obligations](https://prighter.com/resources/laws/gdpr/sections/section-1-general-obligations)
- [Responsibility of the controller](https://prighter.com/resources/laws/gdpr/articles/article-24-responsibility-of-the-controller)
- [Data protection by design and by default](https://prighter.com/resources/laws/gdpr/articles/article-25-data-protection-by-design-and-by-default)
- [Joint controllers](https://prighter.com/resources/laws/gdpr/articles/article-26-joint-controllers)
- [Representatives of controllers or processors not established in the Union](https://prighter.com/resources/laws/gdpr/articles/article-27-representatives-of-controllers-or-processors-not-established-in-the-union)
- [Processor](https://prighter.com/resources/laws/gdpr/articles/article-28-processor)
- [Processing under the authority of the controller or processor](https://prighter.com/resources/laws/gdpr/articles/article-29-processing-under-the-authority-of-the-controller-or-processor)
- [Records of processing activities](https://prighter.com/resources/laws/gdpr/articles/article-30-records-of-processing-activities)
- [Cooperation with the supervisory authority](https://prighter.com/resources/laws/gdpr/articles/article-31-cooperation-with-the-supervisory-authority)
- [SECTION 2: Security of personal data](https://prighter.com/resources/laws/gdpr/sections/section-2-security-of-personal-data)
- [Security of processing](https://prighter.com/resources/laws/gdpr/articles/article-32-security-of-processing)
- [Notification of a personal data breach to the supervisory authority](https://prighter.com/resources/laws/gdpr/articles/article-33-notification-of-a-personal-data-breach-to-the-supervisory-authority)
- [Communication of a personal data breach to the data subject](https://prighter.com/resources/laws/gdpr/articles/article-34-communication-of-a-personal-data-breach-to-the-data-subject)
- [SECTION 3: Data protection impact assessment and prior consultation](https://prighter.com/resources/laws/gdpr/sections/section-3-data-protection-impact-assessment-and-prior-consultation)
- [Data protection impact assessment](https://prighter.com/resources/laws/gdpr/articles/article-35-data-protection-impact-assessment)
- [Prior consultation](https://prighter.com/resources/laws/gdpr/articles/article-36-prior-consultation)
- [SECTION 4: Data protection officer](https://prighter.com/resources/laws/gdpr/sections/section-4-data-protection-officer)
- [Designation of the data protection officer](https://prighter.com/resources/laws/gdpr/articles/article-37-designation-of-the-data-protection-officer)
- [Position of the data protection officer](https://prighter.com/resources/laws/gdpr/articles/article-38-position-of-the-data-protection-officer)
- [Tasks of the data protection officer](https://prighter.com/resources/laws/gdpr/articles/article-39-tasks-of-the-data-protection-officer)
- [SECTION 5: Codes of conduct and certification](https://prighter.com/resources/laws/gdpr/sections/section-5-codes-of-conduct-and-certification)
- [Codes of conduct](https://prighter.com/resources/laws/gdpr/articles/article-40-codes-of-conduct)
- [Monitoring of approved codes of conduct](https://prighter.com/resources/laws/gdpr/articles/article-41-monitoring-of-approved-codes-of-conduct)
- [Certification](https://prighter.com/resources/laws/gdpr/articles/article-42-certification)
- [Certification bodies](https://prighter.com/resources/laws/gdpr/articles/article-43-certification-bodies)

## Sitemap

- Site map (Markdown): https://prighter.com/sitemap.md
- LLMs index: https://prighter.com/llms.txt
