An individual or a functional unit, usually within an organization, which is legally responsible for the data they create, capture, maintain, or use. They are responsible for classifying the data according to its sensitivity and for ensuring it is handled, stored, and accessed in compliance with relevant laws, policies, and guidelines.