In a loyalty program project for a client in the marketing sector, a familiar question surfaced: who should act as the data controller? As is often the case, the agency’s client was reluctant to assume this role, wary of the perceived risks it might carry.
Stepping in on behalf of the agency, we crafted a persuasive legal argument grounded in recent positions from both national data protection authorities and the European Data Protection Board. Our message was clear: while the controller’s role may seem risky, it ultimately offers greater legal clarity and control. We managed to convince the client, removing a key bottleneck and allowing the project to move forward smoothly into its implementation phase.
Have
questions?
