A person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

A person, public authority, agency or other body which processes personal data on behalf of the controller

Under the GDPR, some organisations need to appoint a Data Protection Officer (DPO) who is responsible for informing them of and advising them about their data protection obligations and monitoring their compliance with them.

The identified or identifiable living individual to whom personal data relates.

Any information relating to a person (a ‘data subject’) who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person

Short text files stored on the user’s device by a web site.  Cookies are normally used to provide a more personalized experience and to remember user profile without the need of a specific login. Also it can be placed by third parties (such as an advertising network) in end users´ devices and maybe be used to track users when surfing across different websites associated to that third party