Exin Exam PDPF Topic 1 Question 87 Discussion

Actual exam question for Exin's PDPF exam

Question #: 87
Topic #: 1

[All PDPF Questions]

A controller wants to switch processors. What is necessary to review before making this change, so that it remains GDPR compliant?

AThe matrix location of this new processor.

BRequire the old processor to erase data.

CRequire the old processor to port the data.

DVerify that the new processor has sufficient security guarantees.

Show Suggested Answer

Suggested Answer: D

Verify that the processor has sufficient security guarantees that are essential for the Controller to remain in

compliance with the GDPR. Remember that the responsibility is always of the controller who must take care of the data of the data subjects that have been entrusted to him.

Recital 81 mentions the following:

(81) To ensure compliance with the requirements of this Regulation in respect of the processing to be carried out by the processor on behalf of the controller, when entrusting a processor with processing activities, the controller should use only processors providing sufficient guarantees, in particular in terms of expert knowledge, reliability and resources, to implement technical and organizational measures which will meet the requirements of this Regulation, including for the security of processing. The adherence of the processor to an approved code of conduct or an approved certification mechanism may be used as an element to demonstrate compliance with the obligations of the controller.

by Hillary at Jul 12, 2025, 10:10 PM

Limited Time Offer

25%

Off

Get Premium PDPF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Lewis

21 days ago

Option D is the way to go. You gotta make sure that new processor is GDPR-ready, no exceptions!

upvoted 0 times

...