New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Online CIPP-E Questions Video

Page: 2 / 19
Total 268 questions

Certified Information Privacy Professional/Europe (CIPP/E) Questions and Answers

Question 5

What must a data controller do in order to make personal data pseudonymous?

Options:

A.

Separately hold any information that would allow linking the data to the data subject.

B.

Encrypt the data in order to prevent any unauthorized access or modification.

C.

Remove all indirect data identifiers and dispose of them securely.

D.

Use the data only in aggregated form for research purposes.

Question 6

In which of the following situations would an individual most likely to be able to withdraw her consent for processing?

Options:

A.

When she is leaving her bank and moving to another bank.

B.

When she has recently changed jobs and no longer works for the same company.

C.

When she disagrees with a diagnosis her doctor has recorded on her records.

D.

When she no longer wishes to be sent marketing materials from an organization.

Question 7

If a multi-national company wanted to conduct background checks on all current and potential employees, including those based in Europe, what key provision would the company have to follow?

Options:

A.

Background checks on employees could be performed only under prior notice to all employees.

B.

Background checks are only authorized with prior notice and express consent from all employees including those based in Europe.

C.

Background checks on European employees will stem from data protection and employment law, which can vary between member states.

D.

Background checks may not be allowed on European employees, but the company can create lists based on its legitimate interests, identifying individuals who are ineligible for employment.

Question 8

Which of the following is an accurate statement regarding the "one-stop-shop" mechanism of the GDPR?

Options:

A.

It can result in several lead supervisory authorities in the EU assuming competence over the same data processing activities of an organization.

B.

It applies only to direct enforcement of data protection supervisory authorities (e.g.. finding a breach), but not to initiating or engaging m court proceedings

C.

It gives competence to the lead supervisory authority to address privacy issues derived from processes carried out by public authorities established in different countries.

D.

It allows supervisory authorities concerned (other than the lead supervisory authority) to act against organizations m exceptional cases even if they do not have any type of establishment in the Member State of the respective authority.

Page: 2 / 19
Total 268 questions