Exin Exam PDPF Topic 2 Question 88 Discussion

Actual exam question for Exin's PDPF exam

Question #: 88
Topic #: 2

[All PDPF Questions]

A controller discovers that a data subject, who had given consent for the processing of his data, has passed away. What this implies for data processing according to the General Data Protection Regulation (GDPR)?

AWith the death of the data owner, the controller can continue processing the data, as they are no longer under the GDPR.

BThe data can only be processed by the controller respecting the consent provided by the holder.

CThe controller must delete the data of the holder, since with the death of the holder the consent is automatically revoked.

DThe controller can process the data of a deceased person as long as it anonymizes the data.

Show Suggested Answer

Suggested Answer: A

With the death of the data subject, the controller can process the data in any way he wishes, since personal data of deceased persons is not within the scope of the GDPR.

Recital 27 says: This Regulation does not apply to the personal data of deceased persons. Member States may provide for rules regarding the processing of personal data of deceased persons.

by Lezlie at Jul 30, 2025, 07:58 AM

Limited Time Offer

25%

Off

Get Premium PDPF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!