CIPP-E Practice Online

Question 1

In which scenario is a Controller most likely required to undertake a Data Protection Impact Assessment?

A : When the controller is collecting email addresses from individuals via an online registration form for marketing purposes.

B : When personal data is being collected and combined with other personal data to profile the creditworthiness of individuals.

C : When the controller is required to have a Data Protection Officer.

D : When personal data is being transferred outside of the EEA.

Answer: B

Question 2

A company wishes to transfer personal data to a country outside of the European Union/EEA In order to do so, they are planning an assessment of the country's laws and practices, knowing that these may impinge upon the transfer safeguards they intend to use

All of the following factors would be relevant for the company to consider EXCEPT'?

A : Any onward transfers, such as transfers of personal data to a sub-processor in the same or another third country.

B : The process of modernization in the third country concerned and their access to emerging technologies that rely on international transfers of personal data

C : The technical, financial, and staff resources available to an authority m the third country concerned that may access the personal data to be transferred

D : The contractual clauses between the data controller or processor established in the European Union/EEA and the recipient of the transfer established in the third country concerned

Answer: B

Question 3

Many businesses print their employees' photographs on building passes, so that employees can be identified by security staff. This is notwithstanding the fact that facial images potentially qualify as biometric data under the GOPR. Why would such practice be permitted?

A : Because use of biometric data to confirm the unique identification of data subjects benefits from an exemption.

B : Because photographs qualify as biometric data only when they undergo a "specific technical processing".

C : Because employees are deemed to have given their explicit consent when they agree to be photographed by their employer.

D : Because photographic ID is a physical security measure which is "necessary for reasons of substantial public interest".

Answer: B

Question 4

The origin of privacy as a fundamental human right can be found in which document?

A : Universal Declaration of Human Rights 1948.

B : European Convention of Human Rights 1953.

C : OECD Guidelines on the Protection of Privacy 1980.

D : Charier of Fundamental Rights of the European Union 2000.

Answer: A

Question 5

A German data subject was the victim of an embarrassing prank 20 years ago. A newspaper website published an article about the prank at the time, and the article is still available on the newspaper's website. Unfortunately, the prank is the top search result when a user searches on the victim's name. The data subject requests that SearchCo delist this result. SearchCo agrees, and instructs its technology team to avoid scanning or indexing the article. What else must SearchCo do?

A : Notify the newspaper that its article it is delisting the article.

B : Fully erase the URL to the content, as opposed to delist which is mainly based on data subject's name.

C : Identify other controllers who are processing the same information and inform them of the delisting request.

D : Prevent the article from being listed in search results no matter what search terms are entered into the search engine.

Answer: A

Name:	Certified Information Privacy Professional/Europe
Exam Code:	CIPP-E
Certification:	IAPP Certification Programs
Vendor:	IAPP
Total Questions:	250
Last Updated:	Apr 22, 2024

Download Demo CIPP-E Dumps

Create Account

Password Recovery

Download Demo CIPP-E Dumps

Member Login

Create Account

Password Recovery

CIPP-E Practice Online