An assessment required under GDPR Article 35 before processing likely to result in high risk to individuals' rights and freedoms, including systematic profiling, large-scale processing of sensitive data, and systematic monitoring. DPIAs must describe the processing, assess necessity and proportionality, identify risks, and specify mitigations. AI systems frequently trigger DPIA requirements due to automated decision-making, profiling, and processing at scale. Unlike FRIAs (which address broader fundamental rights), DPIAs focus specifically on data protection risks.