Bird
0
0

A company stores personal data without a clear retention policy. Which GDPR principle is violated?

medium📝 Analysis Q14 of 15
Cybersecurity - Compliance and Governance
A company stores personal data without a clear retention policy. Which GDPR principle is violated?
ALawfulness of processing
BData minimization
CStorage limitation
DData portability
Step-by-Step Solution
Solution:

  1. Step 1: Understand storage limitation principle

    GDPR requires personal data to be kept only as long as necessary, which is storage limitation.

  2. Step 2: Match the violation to the principle

    Storing data without a retention policy means no limit on storage time, violating storage limitation.

  3. Final Answer:

    Storage limitation -> Option C

  4. Quick Check:

    Unlimited storage breaks storage limitation [OK]
Quick Trick: No retention policy breaks storage limitation rule [OK]
Common Mistakes:
MISTAKES
  • Confusing data minimization with storage limits
  • Thinking lawfulness covers storage duration
  • Mixing data portability with storage rules

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Cybersecurity Quizzes
Advanced Threat Protection - Security Orchestration and Automation (SOAR) - Quiz 2easy Advanced Threat Protection - Threat hunting techniques - Quiz 3easy Compliance and Governance - Risk assessment methodologies - Quiz 7medium Incident Response - Incident documentation - Quiz 7medium Incident Response - Post-incident review - Quiz 5medium Incident Response - Why incident response plans save organizations - Quiz 5medium Incident Response - Containment strategies - Quiz 13medium Security Architecture and Design - Why secure design prevents vulnerabilities - Quiz 6medium Security Architecture and Design - Why secure design prevents vulnerabilities - Quiz 5medium Security Architecture and Design - Microservices security architecture - Quiz 7medium