How is the GDPR’s position on consent MOST likely to affect future app design and implementation?
Correct Answer:B
Which institution has the power to adopt findings that confirm the adequacy of the data protection level in a non-EU country?
Correct Answer:B
Which of the following does NOT have to be included in the records most processors must maintain in relation to their data processing activities?
Correct Answer:C
What is the key difference between the European Council and the Council of the European Union?
Correct Answer:D
SCENARIO
Please use the following to answer the next question:
BHealthy, a company based in Italy, is ready to launch a new line of natural products, with a focus on sunscreen. The last step prior to product launch is for BHealthy to conduct research to decide how extensively to market its new line of sunscreens across Europe. To do so, BHealthy teamed up with Natural Insight, a company specializing in determining pricing for natural products. BHealthy decided to share its existing customer information – name, location, and prior purchase history – with Natural Insight. Natural Insight intends to use this information to train its algorithm to help determine the price point at which BHealthy can sell its new sunscreens.
Prior to sharing its customer list, BHealthy conducted a review of Natural Insight’s security practices and concluded that the company has sufficient security measures to protect the contact information. Additionally, BHealthy’s data processing contractual terms with Natural Insight require continued implementation of technical and organization measures. Also indicated in the contract are restrictions on use of the data provided by BHealthy for any purpose beyond provision of the services, which include use of the data for continued improvement of Natural Insight’s machine learning algorithms.
Under the GDPR, what are Natural Insight’s security obligations with respect to the customer information it received from BHealthy?
Correct Answer:A