Article 26 - Joint controllers

Article 26 sets out the rules for joint controllers, meaning two or more entities that together decide the purposes and means of processing personal data. It requires them to transparently allocate their respective responsibilities for complying with the GDPR, to inform data subjects of that arrangement, and to maintain a record of the division of duties.