Recipient is any person or entity to whom personal data is disclosed, regardless of whether the recipient is internal or external to the company. The recipient in this sense is also a processor or, especially in the case of larger companies, also another part within a company, e.g. another department that, possibly on the basis of a change of purpose, receives the data to fulfill its operational tasks. These include e.g. also the employee representatives, occupational safety officers, security services, etc.