Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CIPP/e > Articles > Flashcards

Articles Flashcards

1
Q

What does Article 5 cover?

A

Principles relating to the processing of personal data

  • Lawfulness, fairness and transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality (protecting the data)
  • Accountability
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What does article 6 cover?

A

Lawfulness of processing (processing only lawful if one of these applies)

  • Consent
  • Performance of a contract
  • Necessary for compliance with a legal obligation
  • Necessary to protect vital integrates of data subject or other natural person
  • Public interest or exercise of official authority
  • Legitimate interest (except where overridden by rights of data subject)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What does article 7 relate to?

A

Conditions for consent

  • Need to demonstrate that data subject has consented
  • If given in context of written declaration, must be separate from other matters (e.g. T&Cs) and in clear and plain language
  • Right to withdraw consent at any time (and as easy to withdraw as to give)
  • When assessing whether consent is freely given - account should be taken of whether provision of the service is conditional on consent to processing of data that is not necessary for performance of the contract (ref FB?)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which article lists the minimum requirements of binding corporate rules (BCRs)

A

BCRs are a form of adequacy decision.

Article 47 lists the minimum requirements of BCRs

Note there are different versions for controllers and processors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which article of the GDPR deals with codes of conduct?

A

Article 40 (and article 41 deals with oversight of these by an approved independent monitoring body)

CoC are a tool for appropriate safeguards

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which articles cover certification mechanisms?

A

Articles 42 and 43

Article 42.7 says that certifications are issued only to data controllers and data processors (not to people/individuals)

Also unlikely that a company’s whole operation would be certified. Certification is more likely to focus on discrete processing operations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which article covers derogations?

A

Article 49

Last resort option for international transfers when there are no adequacy decisions or appropriate safeguards

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What does Article 37 require?

A

It requires certain organisations to appoint a DPO

  • If you’re a public authority or body
  • If you conduct regular and systemic monitoring of data subjects on a large scale
  • If core activities consist of large scale processing of special categories of data or personal data relating to criminal cases
  • If you’re required to do so by member state law
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What does Article 32 focus on?

A

Security of processing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are the key principles outlined in Article 5

A

Article 5 deals with the principles relating to processing of personal data

  1. 1.a - Lawfulness, fairness and transparency
  2. 1.b - Purpose limitation
  3. 1.c - Data minimisation
  4. 1.d - Accuracy
  5. 1.e - Storage limitation
  6. 1.f - Integrity and confidentiality
      • Accountability
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CIPP/e (11 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions