Controller of personal data is any legal or natural person, state body or other body that holds personal data collection, i.e. that independently or together with others determines the purposes and the manner of personal data processing (article 2 paragraph 1 item 5 of Law on Personal Data Protection). When the purposes and the manner of processing are determined by law or other regulation, the same law or regulation determines the controller or the special criteria for its determination.
This definition applies to all companies, state bodies, local self-government, public enterprises, hospitals, schools, kindergarten, NGO’s, trade unions, political parties, self-employed persons (lawyers) and others, notary, executors and other.
Controllers are also natural persons, but the law doesn’t apply on them if collecting and processing of personal data is performed exclusively for personal or household activities.