In this DPA, the following terms have the meanings given below:
- "Applicable Data Protection Law"
- means the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable national implementing laws.
- "Personal Data"
- means any information relating to an identified or identifiable natural person as defined in Applicable Data Protection Law.
- "Processing"
- has the meaning given in Applicable Data Protection Law.
- "Controller"
- means the natural or legal person which, alone or jointly with others, determines the purposes and means of Processing.
- "Processor"
- means a natural or legal person that processes Personal Data on behalf of the Controller.
- "Subprocessor"
- means any processor engaged by the Processor to process Personal Data on behalf of the Controller.
- "Data Subject"
- means an identified or identifiable natural person whose Personal Data is processed.
- "Security Incident"
- means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data.