GDPR Interview Questions and Answers
Question 26. How does GDPR define a 'personal data breach'?
A personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data.
Question 27. What are the requirements for obtaining valid consent under GDPR?
Valid consent must be freely given, specific, informed, and unambiguous. Individuals have the right to withdraw consent at any time.
Question 28. How does GDPR address international data transfers?
GDPR allows the transfer of personal data to countries outside the EU under certain conditions, such as the existence of adequacy decisions or the implementation of appropriate safeguards.
Question 29. What is the 'Right to Erasure' (Right to be Forgotten) and when can it be exercised?
The Right to Erasure allows individuals to request the deletion or removal of their personal data when there is no compelling reason for its continued processing.
Question 30. How can organizations ensure GDPR compliance in their third-party relationships?
Organizations should conduct due diligence on third-party data processors, include GDPR-compliant clauses in contracts, and monitor compliance throughout the relationship.
Rated most helpful by users:
- What is GDPR?
- Who does GDPR apply to?
- What is the 'Right to be Forgotten' under GDPR?
- How does GDPR define a 'personal data breach'?
- Explain the concept of 'Data Minimization' under GDPR.