Which of the following information is NOT required to be provided by the data controller when complying with GDPR "right to access" requirements?
Which of the following information is NOT required to be provided by the data controller when complying with GDPR "right to access" requirements?
C. While a DPO must be identified and given to supervisory authorities to GDPR regulators, the actual name of the person to be posted is not required. Contact information is required, but that is different then the name. Answer A can't be right because how can you complete a data subject access request without knowing the process?
the question asked what information must be provided to the data subject in the access response — not what you as a company must set up internally