(24) The processing of personal data located in the Union of data subjects by a controller or processor that does not have an organizational unit in the Union should also be subject to this Regulation in cases where it involves the monitoring of the behavior of such data subjects, insofar as such behavior takes place in the Union. In order to determine whether a processing activity can be considered "monitoring the behavior" of data subjects, it should be determined whether individuals are observed online, including the subsequent potential use of data processing techniques involving profiling of the individual, in particular for the purpose of making a decision concerning him or her or analyzing or predicting his or her personal preferences, behavior and attitudes.