A. They must provide each other with mutual assistance
B. Their leadership must change every four years
C. They must operate independently.
D. They review DPIAs in cases of unmitigated high risk
A. Social Work Data.
B. Health data
C. Education data, examination scripts and marks
D. Credit checking agency data
A. The processor may use the sub-processor without the written authorisation of the controller if it adheres to an approved code of conduct
B. The processor may use the sub-processor without the written authorisation of the controller if the processing is deemed to be low risk.
C. The processor may use the sub-processor without the written authorisation of the controller if the sub-processor signs a contract which reflects the same obligations as the contract with the controller
D. The processor must receive prior written authorisation to use the sub-processor
A. Controllers and Processors each have a responsibility to conduct legitimate interests balancing tests before processing data for direct marketing
B. The controller shall appoint a DPO before carrying out large scale processing
C. Processors have overarching responsibility to ensure their processing is compliant
D. The controller shall be responsible for. and be able to demonstrate compliance with the data protection principles.
