Weekend Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

GDPR Exam Dumps : PECB Certified Data Protection Officer

PDF
GDPR pdf
 Real Exam Questions and Answer
 Last Update: Dec 12, 2025
 Question and Answers: 80 With Explanation
 Compatible with all Devices
 Printable Format
 100% Pass Guaranteed
$25.5  $84.99
GDPR exam
PDF + Testing Engine
GDPR PDF + engine
 Both PDF & Practice Software
 Last Update: Dec 12, 2025
 Question and Answers: 80
 Discount Offer
 Download Free Demo
 24/7 Customer Support
$40.5  $134.99
Testing Engine
GDPR Engine
 Desktop Based Application
 Last Update: Dec 12, 2025
 Question and Answers: 80
 Create Multiple Test Sets
 Questions Regularly Updated
  90 Days Free Updates
  Windows and Mac Compatible
$30  $99.99

Verified By IT Certified Experts

CertsTopics.com Certified Safe Files

Up-To-Date Exam Study Material

99.5% High Success Pass Rate

100% Accurate Answers

Instant Downloads

Exam Questions And Answers PDF

Try Demo Before You Buy

Certification Exams with Helpful Questions And Answers

PECB Certified Data Protection Officer Questions and Answers

Question 1

Scenario4:

Berc is a pharmaceutical company headquartered in Paris, France, known for developing inexpensive improved healthcare products. They want to expand to developing life-saving treatments. Berc has been engaged in many medical researches and clinical trials over the years. These projects required the processing of large amounts of data, including personal information. Since 2019, Berc has pursued GDPR compliance to regulate data processing activities and ensure data protection. Berc aims to positively impact human health through the use of technology and the power of collaboration. They recently have created an innovative solution in participation with Unty, a pharmaceutical company located in Switzerland. They want to enable patients to identify signs of strokes or other health-related issues themselves. They wanted to create a medical wrist device that continuously monitors patients' heart rate and notifies them about irregular heartbeats. The first step of the project was to collect information from individuals aged between 50 and 65. The purpose and means of processing were determined by both companies. The information collected included age, sex, ethnicity, medical history, and current medical status. Other information included names, dates of birth, and contact details. However, the individuals, who were mostly Berc's and Unty's customers, were not aware that there was an arrangement between Berc and Unty and that both companies have access to their personal data and share it between them. Berc outsourced the marketing of their new product to an international marketing company located in a country that had not adopted the adequacy decision from the EU commission. However, since they offered a good marketing campaign, following the DPO's advice, Berc contracted it. The marketing campaign included advertisement through telephone, emails, and social media. Berc requested that Berc’s and Unty's clients be first informed about the product. They shared the contact details of clients with the marketing company.Based on this scenario, answer the following question:

Question:

Is the transfer of data fromBerc to Untyin compliance with GDPR?

Options:

A.

Yes, Berc can transfer data to Unty because Switzerland provides a level of data protection that is "essentially equivalent” to that of the EU.

B.

Yes, Berc can transfer data to Unty because they collected data for the same purpose.

C.

No, Berc cannot transfer data to a company in Switzerland unless authorization from the supervisory authority in France is obtained.

D.

No, Berc must conduct a new DPIA before transferring data to Switzerland.

Buy Now
Question 2

Scenario3:

COR Bank is an international banking group that operates in 31 countries. It was formed as the merger of two well-known investment banks in Germany. Their two main fields of business are retail and investment banking. COR Bank provides innovative solutions for services such as payments, cash management, savings, protection insurance, and real-estate services. COR Bank has a large number of clients and transactions. Therefore, they process large information, including clients' personal data. Some of the data from the application processes of COR Bank, including archived data, is operated by Tibko, an IT services company located in Canada. To ensure compliance with the GDPR, COR Bank and Tibko have reached a data processing agreement Based on the agreement, the purpose and conditions of data processing are determined by COR Bank. However, Tibko is allowed to make technical decisions for storing the data based on its own expertise. COR Bank aims to remain a trustworthy bank and a long-term partner for its clients. Therefore, they devote special attention to legal compliance. They started the implementation process of a GDPR compliance program in 2018. The first step was to analyze the existing resources and procedures. Lisa was appointed as the data protection officer (DPO). Being the information security manager of COR Bank for many years, Lisa had knowledge of the organization's core activities. She was previously involved in most of the processes related to information systems management and data protection. Lisa played a key role in achieving compliance to the GDPR by advising the company regarding data protection obligations and creating a data protection strategy. After obtaining evidence of the existing data protection policy, Lisa proposed to adapt the policy to specific requirements of GDPR. Then, Lisa implemented the updates of the policy within COR Bank. To ensure consistency between processes of different departments within the organization, Lisa has constantly communicated with all heads of GDPR. Then, Lisa implemented the updates of the policy within COR Bank. To ensure consistency between processes of different departments within the organization, Lisa has constantly communicated with all heads of departments. As the DPO, she had access to several departments, including HR and Accounting Department. This assured the organization that there was a continuous cooperation between them. The activities of some departments within COR Bank are closely related to data protection. Therefore, considering their expertise, Lisa was advised from the top management to take orders from the heads of those departments when taking decisions related to their field. Based on this scenario, answer the following question:

Question:

Considering the GDPR's territorial scope and thedata processing agreementbetween COR Bank and Tibko, which of the following best describes Tibko's obligations under the GDPR?

Options:

A.

Tibko's compliance with GDPR is limited to implementing technical safeguards for data storage,as stipulated by the data processing agreement with COR Bank.

B.

Tibko must adhere to all GDPR provisions independently, including determining the purpose of processing personal data, as a processor acting under COR Bank's authority.

C.

Tibko is required to comply with the GDPR because it processes personal data on behalf of COR Bank, and COR Bank determines the purpose of processing under their agreement.

D.

Tibko is not subject to GDPR since it is located outside the EU and only provides IT services.

Question 3

Question:

What is therole of the European Data Protection Board (EDPB)?

Options:

A.

Tosupervise and monitorthe application of GDPR within the EU.

B.

Toadvise the European Commissionregarding data protection issues in the EU.

C.

Tonegotiate and adopt EU lawsas per the proposals from the European Commission.

D.

Toconduct audits on organizationssuspected of GDPR violations.