Determines the purpose and means of processing personal data. (Role according to article 4 of the GDPR.)