The definition of who is in the position of controller or operator, according to the respective personal data processing activity, is important to determine the obligations and responsibilities of each of these processing agents.
This evaluation and definition can be simple or extremely complex tasks, due to the dynamics of the processing operations that usually involve their agents.
For more information on the issue, check out the article “Third party management in LGPD era” from the e-book “Best Practices for Governance and Compliance with LGPD”, authored by our Data Protection team.