Part III of this Series article discusses the obligations of Data Controllers and Data Processors or Business entities that are storing, processing or using personal data of individuals or data subjects  Part III Steps to be taken by organization (processing and/or controlling data) to be compliant with GDPR Which organisations are required to comply with GDPR?