Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
article 2.2.a states:
This Regulation does not apply to the processing of personal data:
in the course of an activity which falls outside the scope of Union law;
D is the option that does not process personal data from EU members or is done by controllers of processors related to EU
The best answer is clearly D.
The problem with B is that it's unclear if that Australian company processes EU citizen data, but it probably has employees, and there must be a reason its HQ is in the EU.
D is a clear-cut case.
D is the correct answer,
For clarification, see Example 7 in the 2018 Guidelines on Territorial Scope of the GDPR:
https://edpb.europa.eu/sites/default/files/files/file1/edpb_guidelines_3_2018_territorial_scope_after_public_consultation_en_1.pdf
Specifically:
If a controller does not target EU market, and does not have establishments in the EU, the GDPR does not apply to it.
Although the GDPR does apply to the processor, and they need to fulfill any regulations regarding its processing activities, this question is about the controller and *not* the processor.
based on the information provided, option B is the most likely to be exempt from complying with the GDPR, as long as the company only stores customer data in Australia and is not established in the EU.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
semilias
Highly Voted 1 year, 3 months agoSecretInvasion
Most Recent 6 months agoRavi888
11 months, 1 week agoZeroStatic
1 year agonum
1 year, 1 month ago