OneTrust Certified Privacy Professional Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the OneTrust Certified Privacy Professional Exam with detailed questions and explanations. Utilize flashcards and comprehensive MCQs to ensure you're ready to excel in your certification journey.

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What is NOT one of the principles of lawful data processing under GDPR?

  1. Storage Limitation

  2. Proportionality

  3. Integrity and Confidentiality

  4. Fairness

The correct answer is: Proportionality

Proportionality is not explicitly listed as one of the principles of lawful data processing under the General Data Protection Regulation (GDPR). The GDPR outlines specific principles that must be adhered to when processing personal data, including the ones mentioned in the choices. Storage Limitation refers to the requirement that personal data should only be kept for as long as necessary for the purposes for which it is processed. This principle is fundamental to ensuring that data is not retained indefinitely, which can lead to unnecessary risks regarding data security and privacy. Integrity and Confidentiality emphasize the need for organizations to implement appropriate security measures to protect personal data against unauthorized access, loss, or damage. This principle ensures that data is handled with care and safeguarded against breaches. Fairness pertains to the necessity of processing personal data in a manner that individuals would reasonably expect. It ensures transparency and builds trust between data subjects and organizations regarding how their personal information is being used. While proportionality may be a guiding principle in other legal contexts, it does not directly feature in the GDPR as one of the core principles of lawful processing of personal data. This distinction is important for understanding the regulatory framework of GDPR.

More Questions Like This