HomeFix guides → Data controller identified

gdpr

How to fix: Data controller identified

GDPR Art. 13(1)(a)

Why this matters

GDPR makes the 'data controller' — the legal entity deciding what to do with personal data — responsible for compliance. Visitors need to know who that is to exercise their rights, complain to a DPA, or pursue legal action.

Background

The Privacy Policy must identify the data controller (usually your registered company) by name + contact details. Anonymous 'we' + 'this site' phrasing fails GDPR Art. 13 — regulators specifically check for a named legal entity.

References

GDPR Art. 13(1)(a) — identity + contact details of the controller

How to fix

Code snippet for each stack we cover. Pick the one matching your server / framework.

nginx
No server config — content edit.
apache
Same.
cloudflare
Same.
wordpress
Edit Privacy Policy page. Include: registered company name, company number (CRO / Companies House), trading address, contact email for data requests.
flask
Same — privacy policy template edit.
express
Same.
rails
Same.

Verify it's working

Open /privacy-policy. Should see: registered company name + company number + trading address + data-protection contact email.

Want to know if your site has this issue?

Run a free 53-check audit — security, GDPR, NIS2, and technical SEO.

Audit my site →