CIPP-E V2

SCENARIO Please use the following to answer the next question: Javier is a member of the fitness club EVERFIT. This company has branches in many EU member states, but for the purposes of the GDPR maintains its primary establishment in France. Javier lives in Newry, Northern Ireland (part of the...

What are the obligations of a processor that engages a sub-processor? A. The processor must give the controller prior written notice and perform a preliminary audit of the sub- processor. B. The processor must obtain the controller’s specific written authorization and provide annual reports on the sub-processor’s performance. C. The...

Which of the following is NOT considered a fair processing practice in relation to the transparency principle?A . Providing a multi-layered privacy notice, in a website environment.B . Providing a QR code linking to more detailed privacy notice, in a CCTV sign.C . Providing a hyperlink to the organization’s home...

SCENARIO Please use the following to answer the next question: Jack worked as a Pharmacovigiliance Operations Specialist in the Irish office of a multinational pharmaceutical company on a clinical trial related to COVID-19. As part of his onboarding process Jack received privacy training He was explicitly informed that while he...

What type of data lies beyond the scope of the General Data Protection Regulation?A . PseudonymizedB . AnonymizedC . EncryptedD . MaskedView AnswerAnswer: B Explanation: Reference: https://www.datainspektionen.se/other-lang/in-english/the-general-data-protection-regulation-gdpr/the-purposes-and-scope-of-the-general-data-protection-regulation/

According to Art 23 GDPR, which of the following data subject rights can NOT be restricted?A . Right to restriction of processing.B . Right to erasure ("Right to be forgotten").C . Right to lodge a complaint with a supervisory authority.D . Right not to be subject to automated individual decision-makingView...

Which statement is correct when considering the right to privacy under Article 8 of the European Convention on Human Rights (ECHR)?A . The right to privacy is an absolute rightB . The right to privacy has to be balanced against other rights under the ECHRC . The right to freedom...

What ruling did the Planet 49 CJEU judgment make regarding the issue of pre-ticked boxes?A . They are allowed if determined to be technically necessary.B . They do not amount to valid consent under any circumstances.C . They are allowed if recorded In the register of processing activities.D . They...

A news website based m (he United Slates reports primarily on North American events The website is accessible to any user regardless of location, as the website operator does not block connections from outside of the U.S. The website offers a pad subscription that requires the creation of a user...

In which of the following cases would an organization MOST LIKELY be required to follow both ePrivacy and data protection rules? A. When creating an untargeted pop-up ad on a website. B. When calling a potential customer to notify her of an upcoming product sale. C. When emailing a customer...