(1)This section defines certain other expressions used in this Part.
(2)“Employee”, in relation to any person, includes an individual who holds a position (whether paid or unpaid) under the direction and control of that person.
(3)“Personal data breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
(4)“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to an individual, in particular to analyse or predict aspects concerning that individual's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
(5)“Recipient”, in relation to any personal data, means any person to whom the data is disclosed, whether a third party or not, but it does not include a public authority to whom disclosure is or may be made in the framework of a particular inquiry in accordance with the law.
(6)“Restriction of processing” means the marking of stored personal data with the aim of limiting its processing for the future.
(7)“Third country” means a country or territory [F1outside the United Kingdom].
(8)Sections 3 and 205 include definitions of other expressions used in this Part.
Textual Amendments
F1Words in s. 33(7) substituted (31.12.2020) by The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (S.I. 2019/419), reg. 1(2), Sch. 2 para. 37 (with reg. 5); 2020 c. 1, Sch. 5 para. 1(1)