What type of data falls under "sensitive personal data" according to GDPR?

Sensitive personal data under GDPR refers to specific categories of information that require higher levels of protection due to their sensitive nature. This includes data related to an individual's racial or ethnic origin, as specified in Article 9 of the GDPR. The rationale for this classification is that such information can lead to discrimination or harm if misused, making it crucial to handle it with extra care.

In terms of the other options, while names and addresses, employment history, and social media profiles may contain personal information, they do not fall under the strict category of "sensitive personal data" recognized by GDPR. These categories do not carry the same level of inherent risk to an individual's rights and freedoms as race and ethnicity. Thus, understanding the nuances of data classifications in GDPR is vital for compliance and protection of individual privacy rights.