The invisible processing is ‘invisible’ because the individual is not aware that the data controller is collecting and using their personal data.
‘Invisible processing’ happens when you obtain personal data from other sources and not directly from the individual, and you don’t provide them with the privacy information required by Article 14.
Invisible processing results in a risk to the individual’s interests as they cannot exercise any control over the use of their data.
They are unable to use their data protection rights if they are unaware of the processing, even if the processing itself is unlikely to have any negative effect.