Which of the following statements is inconsistent with the EDPB's position on qualifying a given processing as a “transfer” under Chapter V of the GDPR?
A.
Transfers subject to the GDPR can only occur when two separate parties – each of them a controller, joint controller or processor – are involved.
B.
Transfers subject to the GDPR may involve data disclosures between entities belonging to the same corporate group (intra-group data disclosures).
C.
Transfers subject to the GDPR may involve remote access of personal data from a third country during a business trip of an employee of the controller for the given processing.
D.
Transfers in which a controller or processor makes personal data available to another controller, joint controller, or processor needs to be subject to the GDPR for the given processing.
A- This statement is incorrect because transfers under Chapter V of the GDPR do not necessarily require two separate parties. A transfer can involve data disclosures between entities within the same corporate group (intra-group data disclosures) and can also include situations where remote access to data from a third country is involved, such as during a business trip. The key factor is that the data is transferred to a third country, and the GDPR’s requirements for transfers apply in these contexts to ensure adequate protection of personal data.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Ssourav
3 months, 3 weeks ago7f814c6
4 months agoClaire0911
1 year, 1 month ago