🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional53 / 124
Question 53 of 124

A European retailer (the data controller) uses a SaaS marketing platform (the data processor) to store customer contact details subject to GDPR. The processor detects unauthorized access to a database containing this personal data. Under GDPR, what is the processor's primary legal obligation regarding this incident?

Reviewed for accuracy · Report an issueNext question