Exin Exam PDPF Topic 1 Question 75 Discussion

Actual exam question for Exin's PDPF exam

Question #: 75
Topic #: 1

[All PDPF Questions]

According to the GDPR, what is a description of binding corporate rules (BCR)?

AA decision on the safety of transferring personal data to a non-EEA country

BA set of approved rules on personal data protection used by a group of enterprises

CA measure to compensate for the lack of personal data protection in a third country

DA set of agreements covering personal data transfers between non-EEA countries

Show Suggested Answer

Suggested Answer: C

Controller: Correct. The controller determines the purpose and means of the processing. (Literature: A, Chapter 1; GDPR Article 4(7))

Processor: Incorrect. The controller determines the purpose of the processing, the processor works on the controller's instructions.

Supervisory authority: Incorrect. The supervisory authority monitors and enforces compliance with the GDPR requirements.

Third party: Incorrect. A third party has no role in determining the purpose of the processing. Any party that determines the purpose would become a new controller.

by Carey at Oct 21, 2024, 11:12 PM

Limited Time Offer

25%

Off

Get Premium PDPF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Geraldine

1 days ago

Option B seems the most comprehensive description of binding corporate rules. It covers the key aspects of BCR being a set of approved rules used by a group of enterprises.

upvoted 0 times

...