Which of the following would require designating a data protection officer?
Which of the following would require designating a data protection officer?
A . Processing is carried out by an organization employing 250 persons or more.
B . Processing is carried out for the purpose of providing for-profit goods or services to individuals in the E
D . The core activities of the controller or processor consist of processing operations of financial information or information relating to children.
E . The core activities of the controller or processor consist of processing operations that require systematic monitoring of data subjects on a large scale.
Answer: D
Explanation:
Reference: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/accountability-and-governance/data-protection-officers/
Latest CIPP-E Dumps Valid Version with 157 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
Based on the source you posted, the answer is E . The core activities of the controller or processor consist of processing operations that require systematic monitoring of data subjects on a large scale.
Source content:
Do we need to appoint a Data Protection Officer?
Under the UK GDPR, you must appoint a DPO if:
you are a public authority or body (except for courts acting in their judicial capacity);
your core activities require large scale, regular and systematic monitoring of individuals (for example, online behaviour tracking); or
your core activities consist of large scale processing of special categories of data or data relating to criminal convictions and offences.