Profiling and automated decision-making are not prohibited under GDPR. However, both of these activities are subject to detailed requirements on when they can legitimately be performed and what must be communicated to data subjects.
1| How are automated decision-making and profiling defined under GDPR?
2| How do the general rules of GDPR apply to automated decision-making and profiling?
3| What specific restrictions are in place on these activities?
4| What should you do if you are leveraging automated decision making?
In this whitepaper, we will explore the definitions of automated decision-making and profiling and how the various requirements of GDPR apply to data collected for these purposes. In addition, we will address the importance of an appropriate lawful basis for processing and specific restrictions on processing.