GDPR AND DATA ROLES

Atom9 defines data roles by the actual processing context.

Atom9 can be the account provider, a workspace platform, a processor for customer data, and the login layer for customer apps. The GDPR role depends on who decides the purpose and means of the processing.

GDPR 1

The same person can interact with Atom9 in more than one role.

GDPR 2

GDPR terms map directly to product behaviour.

GDPR 3

Atom9 records and separates the lawful basis for different processing purposes.

GDPR 4

Atom9 operates processor work under documented instructions.

GDPR 5

Customer KYC belongs to the customer app flow, not the basic Atom9 account.

GDPR 6

Atom9 supports GDPR rights through account, workspace, and customer-app channels.

GDPR 7

Atom9 keeps compliance evidence instead of relying on trust alone.

GDPR 8

Atom9 connects GDPR controls with AI Act controls where AI affects personal data.