CIPP-E V1

A company wishes to transfer personal data to a country outside of the European Union/EEA In order to do so, they are planning an assessment of the country's laws and practices, knowing that these may impinge upon the transfer safeguards they intend to use All of the following factors would...

SCENARIO Please use the following to answer the next question: Due to rapidly expanding workforce, Company A has decided to outsource its payroll function to Company B. Company B is an established payroll service provider with a sizable client base and a solid reputation in the industry. Company B’s payroll...

SCENARIO Please use the following to answer the next question: Brady is a computer programmer based in New Zealand who has been running his own business for two years. Brady’s business provides a low-cost suite of services to customers throughout the European Economic Area (EEA). The services are targeted towards...

SCENARIO Please use the following to answer the next question: Building Block Inc. is a multinational company, headquartered in Chicago with offices throughout the United States, Asia, and Europe (including Germany, Italy, France and Portugal). Last year the company was the victim of a phishing attack that resulted in a...

What type of data lies beyond the scope of the General Data Protection Regulation?A . PseudonymizedB . AnonymizedC . EncryptedD . MaskedView AnswerAnswer: B Explanation: Reference: https://www.datainspektionen.se/other-lang/in-english/the-general-data-protection-regulation-gdpr/the-purposes-and-scope-of-the-general-data-protection-regulation/

Which statement provides an accurate description of a directive?A . A directive speo5es certain results that must be achieved, but each member state is free to decide how to turn it into a national lawB . A directive has binding legal force throughout every member state and enters into force...

Which of the following is NOT considered a fair processing practice in relation to the transparency principle?A . Providing a multi-layered privacy notice, in a website environment.B . Providing a QR code linking to more detailed privacy notice, in a CCTV sign.C . Providing a hyperlink to the organization’s home...

Bioface is a company based in the United States. It has no servers, personnel or assets in the European Union. By collecting photographs from social media and other web-based services, such as newspapers and blogs, it uses machine learning to develop a facial recognition algorithm. The algorithm identifies individuals in...

When is data sharing agreement MOST likely to be needed?A . When anonymized data is being shared.B . When personal data is being shared between commercial organizations acting as joint data controllers.C . When personal data is being proactively shared by a controller to support a police investigation.D . When...

Since blockchain transactions are classified as pseudonymous, are they considered to be within the material scope of the GDPR or outside of it?A . Outside the material scope of the GDPR, because transactions do not include personal data about data subjects m the European Union.B . Within the material scope...