Particular information processing may be performed by people, or by personal or general public organisations, such as companies or general public authorities. Their responsibilities and legal responsibility for particular info processing depend on the purpose they Engage in within the processing in issue. PCI DSS compliance is the whole process https://www.nathanlabsadvisory.com/blog/category/nathan/page/4/
