For the purposes of this Data Processing Addendum ("DPA"), the following terms shall have the meanings set forth below: "Controller" means the entity that determines the purposes and means of the processing of Personal Data. "Processor" means the entity that processes Personal Data on behalf of the Controller. "Personal Data" means any information relating to an identified or identifiable natural person. "Processing" means any operation or set of operations performed on Personal Data. "Data Subject" means the natural person to whom Personal Data relates. "Supervisory Authority" means an independent public authority established by a Member State pursuant to Article 51 of the GDPR. "GDPR" means Regulation (EU) 2016/679 of the European Parliament and of the Council. "CCPA" means the California Consumer Privacy Act of 2018. "Data Protection Laws" means all applicable laws and regulations relating to the processing, privacy, and use of Personal Data.