CIPP-E exam

A U.S.-based online shop uses sophisticated software to track the browsing behavior of its European customers and predict future purchases. It also shares this information with third parties. Under the GDPR, what is the online shop’s PRIMARY obligation while engaging in this kind of profiling?A . It must solicit informed...

WP29’s “Guidelines on Personal data breach notification under Regulation 2016/679’’ provides examples of ways to communicate data breaches transparently. Which of the following was listed as a method that would NOT be effective for communicating a breach to data subjects?A . A postal notificationB . A direct electronic messageC ....

Company X has entrusted the processing of their payroll data to Provider Y. Provider Y stores this encrypted data on its server. The IT department of Provider Y finds out that someone managed to hack into the system and take a copy of the data from its server. In this...

SCENARIO Please use the following to answer the next question: Anna and Frank both work at Granchester University. Anna is a lawyer responsible for data protection, while Frank is a lecturer in the engineering department. The University maintains a number of types of records: - Student records, including names, student...

What is an important difference between the European Court of Human Rights (ECHR) and the Court of Justice of the European Union (CJEU) in relation to their roles and functions?A . ECHR can rule on issues concerning privacy as a fundamental right, while the CJEU cannot.B . CJEU can force...

SCENARIO Please use the following to answer the next question: Louis, a long-time customer of Bedrock Insurance, was involved in a minor car accident a few months ago. Although no one was hurt, Louis has been plagued by texts and calls from a company called Accidentable offering to help him...

SCENARIO Please use the following to answer the next question: Louis, a long-time customer of Bedrock Insurance, was involved in a minor car accident a few months ago. Although no one was hurt, Louis has been plagued by texts and calls from a company called Accidentable offering to help him...

SCENARIO Please use the following to answer the next question: Anna and Frank both work at Granchester University. Anna is a lawyer responsible for data protection, while Frank is a lecturer in the engineering department. The University maintains a number of types of records: - Student records, including names, student...

SCENARIO Please use the following to answer the next question: You have just been hired by a toy manufacturer based in Hong Kong. The company sells a broad range of dolls, action figures and plush toys that can be found internationally in a wide variety of retail stores. Although the...

In 2016’s Guidance, the United Kingdom’s Information Commissioner’s Office (ICO) reaffirmed the importance of using a “layered notice” to provide data subjects with what?A . A privacy notice containing brief information whilst offering access to further detail.B . A privacy notice explaining the consequences for opting out of the use...