New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Exin PDPF Exam - Topic 6 Question 89 Discussion

Actual exam question for Exin's PDPF exam
Question #: 89
Topic #: 6
[All PDPF Questions]

When personal data are processed, who is ultimately responsible for demonstrating compliance with the GDPR?

Show Suggested Answer Hide Answer
Suggested Answer: D

Controller. Correct. The controller is responsible for adequate data security measures and must be able to demonstrate compliance with the GDPR. (Literature:A, Chapter 2)

Data protection officer (DPO). Incorrect. The DPO has expert knowledge and assists the controller or processor to monitor internal compliance.

Processor. Incorrect. The processor is the one who processes personal data according to the instructions of the controller. The controller remains ultimately responsible though.

Supervisory authority. Incorrect. The controller needs to demonstrate compliance with the GDPR if requested by the supervisory authority.


by Dorethea at Aug 16, 2025, 08:37 AM

Limited Time Offer

25%

Off

Get Premium PDPF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Yuette
2 months ago
Nope, it's definitely not the processor.
upvoted 0 times
...
Walker
3 months ago
Really? I didn't know the controller was ultimately responsible!
upvoted 0 times
...
Shalon
3 months ago
Totally agree, the controller is responsible.
upvoted 0 times
...
Dortha
3 months ago
Wait, I thought the DPO had that role?
upvoted 0 times
...
Gennie
3 months ago
It's the data controller who has to prove compliance!
upvoted 0 times
...
Talia
3 months ago
I’m a bit confused about the supervisory authority's role here. Do they enforce compliance or just oversee it?
upvoted 0 times
...
Shawnna
4 months ago
I feel like the processor has some obligations, but the controller is the one who needs to demonstrate compliance overall.
upvoted 0 times
...
Louann
4 months ago
I remember a practice question where the DPO was mentioned, but I think they mainly advise rather than take full responsibility.
upvoted 0 times
...
Royal
4 months ago
I think the controller is ultimately responsible for compliance, but I'm not entirely sure if the DPO has a role in that too.
upvoted 0 times
...
Royal
4 months ago
Okay, let me think this through step-by-step. The controller is the entity that decides how and why personal data is processed, so they would be responsible for proving compliance. I've got this!
upvoted 0 times
...
Matt
4 months ago
The controller is ultimately responsible for demonstrating GDPR compliance, as they determine the purposes and means of processing personal data. I'm confident I can apply that knowledge to answer this question.
upvoted 0 times
...
Pamella
5 months ago
Hmm, I'm a bit unsure about the differences between the data protection officer, supervisory authority, processor, and controller. I'll need to review those concepts before attempting this.
upvoted 0 times
...
Leonora
5 months ago
This seems like a straightforward GDPR compliance question. I'll focus on understanding the key roles and responsibilities outlined in the regulation.
upvoted 0 times
...
Glory
5 months ago
D) Controller seems like the obvious answer here. The GDPR places the ultimate responsibility on the controller, who determines the purposes and means of processing personal data.
upvoted 0 times
...
Sherell
6 months ago
I agree with Allene. The controller is the one who determines the purposes and means of processing personal data.
upvoted 0 times
...
Allene
7 months ago
I think the controller is ultimately responsible for demonstrating compliance with the GDPR.
upvoted 0 times
...

Save Cancel