CIPP-E V2

What is true if an employee makes an access request to his employer for any personal data held about him?A . The employer can automatically decline the request if it contains personal data about a third person.B . The employer can decline the request if the information is only held...

SCENARIO Please use the following to answer the next question: ProStorage is a multinational cloud storage provider headquartered in the Netherlands. Its CEO. Ruth Brown, has developed a two-pronged strategy for growth: 1) expand ProStorage s global customer base and 2) increase ProStorage's sales force by efficiently onboarding effective teams....

The origin of privacy as a fundamental human right can be found in which document?A . Universal Declaration of Human Rights 1948.B . European Convention of Human Rights 1953.C . OECD Guidelines on the Protection of Privacy 1980.D . Charier of Fundamental Rights of the European Union 2000.View AnswerAnswer: A

Which marketing-related activity is least likely to be covered by the provisions of Privacy and Electronic Communications Regulations (Directive 2002/58/EC)? A. Advertisements passively displayed on a website. B. The use of cookies to collect data about an individual. C. A text message to individuals from a company offering concert tickets...

Bioface is a company based in the United States. It has no servers, personnel or assets in the European Union. By collecting photographs from social media and other web-based services, such as newspapers and blogs, it uses machine learning to develop a facial recognition algorithm. The algorithm identifies individuals in...

Which of the following does NOT have to be included in the records most processors must maintain in relation to their data processing activities?A . Name and contact details of each controller on behalf of which the processor is acting.B . Categories of processing carried out on behalf of each...

Under the GDPR, where personal data is not obtained directly from the data subject, a controller is exempt from directly providing information about processing to the data subject if?A . The data subject already has information regarding how his data will be usedB . The provision of such information to...

SCENARIO Please use the following to answer the next question: Joe is the new privacy manager for Who-R-U, a Canadian business that provides DNA analysis. The company is headquartered in Montreal, and all of its employees are located there. The company offers its services to Canadians only: Its website is...

Company X has entrusted the processing of their payroll data to Provider Y. Provider Y stores this encrypted data on its server. The IT department of Provider Y finds out that someone managed to hack into the system and take a copy of the data from its server. In this...

WP29’s “Guidelines on Personal data breach notification under Regulation 2016/679’’ provides examples of ways to communicate data breaches transparently. Which of the following was listed as a method that would NOT be effective for communicating a breach to data subjects?A . A postal notificationB . A direct electronic messageC ....