Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Exin Exam PDPF Topic 3 Question 47 Discussion

Actual exam question for Exin's PDPF exam
Question #: 47
Topic #: 3
[All PDPF Questions]

According to the GDPR, when is a data protection impact assessment (DPIA) obligatory?

Show Suggested Answer Hide Answer
Suggested Answer: B

When a project includes technologies or processes that use personal data. Incorrect. Only for technologies and processes that are likely to result in a high risk to the rights of data subjects is the DPIA mandatory.

When processing is likely to result in a high risk to the rights of data subjects. Correct. For processing operations which are likely to result in a high risk, a DPIA is obligatory to assess those risks and to design mitigation measures. (Literature: A, Chapter 6; GDPR Article 35)

When similar processing operations with comparable risks are repeated. Incorrect. This is a case in which a DPIA does not need to be repeated.


Contribute your Thoughts:

Currently there are no comments in this discussion, be the first to comment!


Save Cancel