Question 9
A controller is processing personal data based on consent of the data subjects. There are no other legitimate grounds. While processing, the controller discovers that a data subject whose consent for the processing had been received, has died since.
What, according to the GDPR, will be the consequences for the controller with regard to the processing?
The controller can proceed with the processing as intended.
The controller can proceed, but only for the purposes for which consent has been given.
The controller must act as if the data subject has withdrawn consent and erase his/her data.
The controller needs to find the heir in order to require consent for the processing.
Correct answer: A
Explanation:
Reference: https://spectrum.ieee.org/telecom/internet/your-guide-to-the-gdpr
Reference: https://spectrum.ieee.org/telecom/internet/your-guide-to-the-gdpr