Under Article 30 of the GDPR, controllers are required to keep records of all of the following EXCEPT?

Under Article 30 of the GDPR, controllers are required to keep records of all of the following EXCEPT?
A . Incidents of personal data breaches, whether disclosed or not.
B . Data inventory or data mapping exercises that have been conducted.
C . Categories of recipients to whom the personal data have been disclosed.
D . Retention periods for erasure and deletion of categories of personal data.

View Answer

Answer: D

Explanation:

Reference: https://medium.com/golden-data/what-records-must-controllers-and-processors-keep-to-comply-with-eu-data-protection-law-3e8bac177695