§ 63 Joint controllers

1 Where two or more controllers jointly determine the purposes and means of processing, they shall be considered joint controllers. 2 Joint controllers shall determine their respective tasks and responsibilities under data protection law in a transparent manner in an agreement, unless these tasks and responsibilities are already determined by law. 3 In particular, this agreement must indicate which of them must meet which information obligations, and how and with respect to whom data subjects may exercise their rights. 4 Such an agreement shall not prevent data subjects from asserting their rights against each of the joint controllers.