New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Exin PDPF Exam - Topic 2 Question 88 Discussion

Actual exam question for Exin's PDPF exam
Question #: 88
Topic #: 2
[All PDPF Questions]

A controller discovers that a data subject, who had given consent for the processing of his data, has passed away. What this implies for data processing according to the General Data Protection Regulation (GDPR)?

Show Suggested Answer Hide Answer
Suggested Answer: A

With the death of the data subject, the controller can process the data in any way he wishes, since personal data of deceased persons is not within the scope of the GDPR.

Recital 27 says: This Regulation does not apply to the personal data of deceased persons. Member States may provide for rules regarding the processing of personal data of deceased persons.


by Lezlie at Jul 30, 2025, 07:58 AM

Limited Time Offer

25%

Off

Get Premium PDPF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Brent
2 months ago
Anonymizing data is a good workaround, but still tricky!
upvoted 0 times
...
Ena
2 months ago
Wait, can they really just keep processing it? Sounds sketchy.
upvoted 0 times
...
Dorothy
3 months ago
Totally agree, C seems right!
upvoted 0 times
...
Carmela
3 months ago
B is misleading; consent doesn't carry over after death.
upvoted 0 times
...
Werner
3 months ago
I think the consent is revoked upon death.
upvoted 0 times
...
Cristy
3 months ago
I believe that processing data after someone's death is a gray area. Option D sounds plausible if the data is anonymized, but I'm not certain.
upvoted 0 times
...
Carissa
3 months ago
This reminds me of a practice question we did about data retention policies. I feel like option C could be correct, but I'm not entirely confident.
upvoted 0 times
...
Malcom
4 months ago
I think I read somewhere that consent doesn't automatically end with death, but it might depend on the jurisdiction.
upvoted 0 times
...
India
4 months ago
I remember discussing how consent works under GDPR, but I'm not sure what happens when the data subject dies.
upvoted 0 times
...
Shaunna
4 months ago
This question is testing our understanding of the GDPR's rules around consent and data processing. I'll need to review the relevant sections to make sure I select the correct answer.
upvoted 0 times
...
Janey
4 months ago
I'm pretty confident I know the right answer here. The GDPR is clear that consent is required for data processing, and that consent is revoked upon the data subject's death. I'll select the appropriate option.
upvoted 0 times
...
Brunilda
4 months ago
Okay, I think I've got a strategy here. The key is to focus on the consent aspect and whether that consent is still valid after the data subject's death. I'll weigh the options carefully.
upvoted 0 times
...
Shaquana
5 months ago
Hmm, I'm a bit confused on this one. Does the GDPR have any specific provisions for handling data after someone passes away? I'll need to think this through.
upvoted 0 times
...
Bernadine
5 months ago
This is a tricky one. I'll need to carefully review the GDPR guidelines on consent and data processing after a data subject's death.
upvoted 0 times
...
Tamar
6 months ago
I think the controller can still process the data if it's necessary for legal reasons, so maybe D is the correct answer.
upvoted 0 times
...
Felicitas
6 months ago
But doesn't consent expire with the death of the data subject?
upvoted 0 times
...
Chauncey
6 months ago
I disagree, I believe it's B.
upvoted 0 times
...
Felicitas
7 months ago
I think the answer is C.
upvoted 0 times
...

Save Cancel