Under the General Data Protection Regulation, a bank can process personal data if the processing is:

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Prepare for the Qualified Financial Adviser Regulations Exam 2 with multiple choice questions, flashcards, and expert tips. Enhance your financial advising skills and confidently ace your exam!

Multiple Choice

Under the General Data Protection Regulation, a bank can process personal data if the processing is:

Explanation:
Under GDPR, you may process personal data only if there is a lawful basis for doing so. One such basis is that processing is necessary to protect the vital interests of the data subject or of another natural person. This is a narrow, emergency-driven exception used when someone’s life or health could be at risk and the data subject cannot give consent in time. In a banking context, this might apply in urgent situations where sharing certain information is essential to prevent harm or respond to a medical emergency. This option is the best fit because it directly matches the required basis: a real, essential risk to life or health that justifies processing without consent. The other ideas don’t provide a valid lawful basis on their own—processing that’s merely incidental to services isn’t a standalone basis; processing not necessary for a contract isn’t automatically allowed unless another basis applies; and having oversight by a senior manager doesn’t create a legal basis for data processing.

Under GDPR, you may process personal data only if there is a lawful basis for doing so. One such basis is that processing is necessary to protect the vital interests of the data subject or of another natural person. This is a narrow, emergency-driven exception used when someone’s life or health could be at risk and the data subject cannot give consent in time. In a banking context, this might apply in urgent situations where sharing certain information is essential to prevent harm or respond to a medical emergency.

This option is the best fit because it directly matches the required basis: a real, essential risk to life or health that justifies processing without consent. The other ideas don’t provide a valid lawful basis on their own—processing that’s merely incidental to services isn’t a standalone basis; processing not necessary for a contract isn’t automatically allowed unless another basis applies; and having oversight by a senior manager doesn’t create a legal basis for data processing.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy