On October 16, 2017 the Article 29 Working Party published guidelines on automated individual decision-making and profiling for the purposes of Regulation 2016/679 and guidelines on personal data breach notification under Regulation 2016/679.
The General Data Protection Regulation (GDPR) defines profiling in Article 4(4) as: "Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements."
Profiling is composed of three elements:
Request a Free Trial
As a trusted source of regulatory intelligence for the global payments industry, we enable organisations to manage the growing volume and velocity of regulatory risk with confidence, empowering more informed and effective decision making, in an efficient and cost-effective way.Take a Trial