Exin Exam PDPF Topic 7 Question 58 Discussion

Actual exam question for Exin's PDPF exam

Question #: 58
Topic #: 7

[All PDPF Questions]

Which cause is a data breach according to the GDPR?

Aillegally obtained corporate data from a human resources management system

BPersonal data is processed without a binding contract.

CPersonal data is processed by anyone other than the controller, processor or, possibly, subprocessor

DThe operation of a vulnerable server in the internal network of the processor

Show Suggested Answer

Suggested Answer: C

Controller: Correct. The controller determines the purpose and means of the processing. (Literature: A, Chapter 1; GDPR Article 4(7))

Processor: Incorrect. The controller determines the purpose of the processing, the processor works on the controller's instructions.

Supervisory authority: Incorrect. The supervisory authority monitors and enforces compliance with the GDPR requirements.

Third party: Incorrect. A third party has no role in determining the purpose of the processing. Any party that determines the purpose would become a new controller.

by Judy at Apr 19, 2024, 10:51 AM

Limited Time Offer

25%

17 days ago

I think the cause of a data breach according to the GDPR is personal data being processed without a binding contract.

upvoted 0 times

...