Explore the obligations under GDPR when a processor engages a sub-processor. Learn about the consent requirement and the need for equivalent data processing obligations.
Table of Contents
Question
Under the General Data Protection Regulation (GDPR), what are the obligations of a processor that engages a sub-processor?
A. The processor must give the controller prior written notice and perform a preliminary audit of the sub-processor.
B. The processor must obtain the controller’s specific written authorization and provide annual reports on the sub-processor’s performance.
C. The processor must receive a written agreement that the sub-processor will be fully liable to the controller for the performance of its obligations in relation to the personal data concerned.
D. The processor must obtain the consent of the controller and ensure the sub-processor complies with data processing obligations that are equivalent to those that apply to the processor.
Answer
D. The processor must obtain the consent of the controller and ensure the sub-processor complies with data processing obligations that are equivalent to those that apply to the processor.
Explanation
The correct answer is D. Under the General Data Protection Regulation (GDPR), when a processor engages a sub-processor for carrying out specific processing activities on behalf of the controller, the processor must obtain the consent of the controller and ensure the sub-processor complies with data processing obligations that are equivalent to those that apply to the processor.
This is to ensure that the sub-processor provides sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the processing will meet the requirements of the GDPR. If the sub-processor fails to fulfil its data protection obligations, the initial processor remains fully liable to the controller for the performance of the sub-processor’s obligations.
IAPP CIPM certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the IAPP CIPM exam and earn IAPP CIPM certification.