1. Home
  2. Discussions
  3. PECB
  4. Privacy And Data Protection
  5. GDPR Discussions
  6. GDPR Exam Topic 2 Question 14 Discussion

PECB Certified Data Protection Officer GDPR Question # 14 Topic 2 Discussion

 PECB Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

PECB Certified Data Protection Officer GDPR Question # 14 Topic 2 Discussion

GDPR Exam Topic 2 Question 14 Discussion:
Question #: 14
Topic #: 2

Scenario:

A financial institution collectsbiometric data of its clients, such asface recognition, to support apayment authentication processthat they recently developed. The institution ensures thatdata subjects provide explicit consentfor the processing of theirbiometric datafor this specific purpose.

Question:

Based on this scenario, should theDPO advise the organization to conduct a DPIA (Data Protection Impact Assessment)?
A.

Yes, because biometric data is consideredspecial category personal data, and its processing is likely to involvehigh risk.

B.

No, becauseexplicit consenthas already been obtained from the data subjects.

C.

No, because DPIAs areonly requiredwhen processing personal dataon a large scale, which is not specified in this case.

D.

Yes, but only if the biometric data is storedfor more than five years.

Get Premium GDPR Questions
Actual exam question for PECB GDPR exam by Kai46877 at Aug 3, 2025, 12:00:00 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next