Is Cognism the Data Controller or the Data Processor of the Data Provided?

This guide explains when Cognism acts as an independent data controller and when it operates as a data processor for specific functionalities. It outlines the responsibilities of both Cognism and its customers under data protection laws.

Is Cognism the data controller or the data processor of the data provided? 

Cognism acts as an independent data controller when providing its services. In limited cases, Cognism acts as a data processor for specific functionalities.

Acts as an independent data controller by default

When providing its services, Cognism acts as an independent data controller.

Cognism processes data for its own independent purposes to provide its services. Customers also act as independent data controllers and typically process the data for their own purposes, such as marketing or lead generation. These activities take place outside of Cognism’s control and visibility.

Each party is responsible for complying with its own obligations under applicable data privacy and marketing regulations.

Acts as a data processor for specific functionalities

Cognism only acts as a data processor when customers use certain specific functionalities, such as Refresh or Enhance.

In these cases:

• Cognism processes data on the customer’s behalf
• The customer acts as the data controller
• The processing activity is limited to what is necessary to provide the functionality

After reading this article, you should understand when Cognism acts as a data controller and when it acts as a data processor.