“Other Regulation” | means national laws which, from time to time, apply to Processing of Personal Data (excluding the General Data Protection Regulation); |
“Processing” | means an operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction; |
“General Data Protection Regulation” | means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (General Data Protection Regulation); |
“Instruction” | means the instructions which the Customer gives to the Supplier within the scope of this Addendum; |
“Personal Data” | means any information relating to an identified or identifiable natural person, whereupon an identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or online identifiers, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person; |
“Controller” | means a natural or legal person, public authority, institution, or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data; where the purposes and means of such Processing are determined by Union law or Member State law, the Controller or the specific criteria for its nomination may be provided for by Union law or Member State law; |
“Processor” | means a natural or legal person, public authority, institution, or other body which processes Personal Data on behalf of the Controller; |
“Personal Data Breach” | means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored, or otherwise Processed; |
“Data Subject” | means the living natural person who is alive and whose Personal Data is Processed; and |
“Data Protection Laws” | means the General Data Protection Regulation and Other Regulation collectively. |