Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Exin Exam PDPF Topic 8 Question 57 Discussion

Actual exam question for Exin's Privacy and Data Protection Foundation exam
Question #: 57
Topic #: 8
[All Privacy and Data Protection Foundation Questions]

The GDPR describes the principle of data minimization. How can organizations comply with this principle?

Show Suggested Answer Hide Answer
Suggested Answer: C

By applying the concept of least privilege to the personal data collected, stored or otherwise

processed. Incorrect. Data minimization does not address least privilege.

By limiting access rights to staff who need the personal data for the intended processing operations. Incorrect. This describes the concept of limiting authorization for instance to comply with the principle of integrity and confidentiality.

By limiting file sizes, through saving all personal data that is processed in the smallest possible format. Incorrect. Data minimization according to the GDPR is not about storage size, but about minimalizing the use of personal data.

By limiting the personal data to what is adequate, relevant and necessary for the processing purposes.

Correct. This is the essence of the description in the GDPR. (Literature: A, Chapter 2; GDPR Article 5(1)(c))


Comments

Bette
4 hours ago
Exactly! Data minimization is all about the quality and relevance of the data, not just the quantity or file size. I'm pretty confident C is the right answer here.
upvoted 0 times
...
Marci
1 days ago
Hmm, option D doesn't really make sense to me. File size limitations don't necessarily equate to data minimization. It's more about only collecting and keeping the bare minimum of personal information.
upvoted 0 times
...
Catina
2 days ago
Yeah, I was thinking the same thing. Options A and B are also important, but they're more about access control rather than the actual data minimization aspect.
upvoted 0 times
...
Novella
4 days ago
I agree, option C seems to be the correct answer. Collecting and storing more personal data than required is a common compliance issue, so we need to be very careful about that.
upvoted 0 times
...
Cherelle
6 days ago
This question is definitely testing our understanding of the GDPR's data minimization principle. I think the key is to limit the personal data collected and processed to only what's absolutely necessary for the intended purpose.
upvoted 0 times
...

Save Cancel