Developing Applications Using Cisco Core Platforms and APIs (DEVCOR) — Question 143

What is a well-defined concept for GDPR compliance?

Answer options

• A. Data controllers must confirm to data subjects as to whether, where, and why personal data is being processed.
• B. Personal data that was collected before the compliance standards were set do not need to be protected.
• C. Compliance standards apply to organizations that have a physical presence in Europe.
• D. Records that are relevant to an existing contract agreement can be retained as long as the contract is in effect.

Correct answer: A

Explanation

Option A is correct because it emphasizes the obligation of data controllers to inform data subjects about the processing of their personal data, which is a key requirement of GDPR. Option B is incorrect as it misrepresents the need for protection of all personal data regardless of when it was collected. Option C is misleading because GDPR applies to any organization processing data of EU citizens, regardless of their physical presence. Option D is partially correct but does not encompass the broader compliance requirements set by GDPR.