yhteisrekisterinpitäjyys

Yhteisrekisterinpitäjyys, or joint controllership, is a concept within data protection law, primarily stemming from the European Union's General Data Protection Regulation (GDPR). It describes a situation where two or more entities jointly determine the purposes and means of processing personal data. In such cases, these entities are not acting independently but are collectively responsible for ensuring that the data processing activities comply with data protection principles and regulations.

When yhteisrekisterinpitäjyys exists, the controllers share responsibility for the processing. This shared responsibility typically extends to

The GDPR requires that in cases of joint controllership, the respective roles and responsibilities of each