When you as a private company, public authority, natural person, institution or any other body process (e.g. collect, record, disclose or delete) personal data about other persons, it is important that you are aware of your role in the processing. This is important because the requirements for a controller and a processor are different.
In short, it can be said that the controller determines why (for what purpose) and how (with which aids), personal data are processed. A data processor, on the other hand, is the person who processes personal data on behalf of the controller – in other words, on instruction from the controller.