Sometimes the distinction is not cut and clear.
Sometimes, you can be both – depending on what specific action or process we are talking about. You may be a controller of some, and a processor with respect to others. When acting as controller, you have to comply with all duties and liabilities of a controller.
Generally, a controller has the power to determine what information will be collected, what measures will be used to collect it, and what are the purposes for which it will be processed.
If at some point of a data flow, you have these powers and authorities, it means that with respect to this certain data and these certain operation, you are a controller.