面试题与答案

A DPO is responsible for ensuring that an organization processes personal data in compliance with GDPR, provides advice on data protection impact assessments, and acts as a contact point for data subjects and the supervisory authority.

A DPIA is a process to identify and minimize the data protection risks of a project. It is required when processing is likely to result in a high risk to individuals' rights and freedoms.

The Right to Data Portability allows individuals to receive and transfer their personal data between controllers in a structured, commonly used, and machine-readable format.

The One-Stop-Shop mechanism allows businesses operating in multiple EU countries to deal with a single supervisory authority for cross-border data processing activities.

The Lead Supervisory Authority is the primary authority overseeing the processing activities of a data controller or processor that operates in multiple EU member states.

A DPO must operate independently, report to the highest management level, and not receive any instructions regarding the exercise of their tasks.

A DPIA is a process to identify and minimize the data protection risks of a project. It is required when processing is likely to result in a high risk to individuals' rights and freedoms.

Legitimate interest allows the processing of personal data if it is necessary for legitimate interests pursued by the data controller, except where overridden by the interests or rights and freedoms of the data subject.

GDPR introduces stronger data protection principles, increased individual rights, higher fines for non-compliance, and a more consistent approach to data protection across the EU.

Valid consent must be freely given, specific, informed, and unambiguous. Individuals have the right to withdraw consent at any time.

The Right to Erasure allows individuals to request the deletion or removal of their personal data when there is no compelling reason for its continued processing.