What is the definition of profiling in the context of GDPR?

Profiling, in the context of GDPR, refers to any form of automated processing of personal data intended to evaluate certain personal aspects concerning an individual, including analyses of their performance at work, economic situation, health, personal preferences, reliability, behavior, location, or movements. This definition aligns perfectly with the concept of automated decision-making, which involves making decisions based on such analyses without human intervention.

This understanding is significant because, under the GDPR, profiling can have substantial implications for individuals, such as affecting their access to services and opportunities. Additionally, individuals have specific rights regarding decisions made on the basis of profiling, particularly when these decisions have legal or similarly significant effects on them.

The other options do not encapsulate the essence of profiling as defined by the GDPR. For example, processing data from social media does not inherently qualify as profiling unless it involves automated decision-making based on that data. Similarly, enabling cookies does not fall under the definition of profiling but rather pertains to tracking and storing user preferences on the web. Therefore, the correct answer accurately describes profiling's relationship to automated decision-making within the framework of GDPR.