GDRP Flashcards

You may prefer our related Brainscape-certified flashcards:
1
Q

What are examples of personal data?

A

Name, address, National Insurance Number, passport number, any personally identifiable information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is special category data?

A

Racial origins, sexual orientation, religion, politics, things you might be discriminated against.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is a data controller?

A

Someone who determines the purpose and essentials means for using personal data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a data processor?

A

A subcontracted company that handles data without making key decisions about that data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a data subject?

A

An identifiable natural person.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the General Data Protection Regulations (GDPR) for?

A

A law that sets the guidelines for safely and securely storing data and information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the 7 principles for GDPR?

A

1) Lawfulness, fairness, and transparency
2) Purpose Limitation
3) Data minimization
4) Accuracy
5) Storage Limitation
6) Integrity and confidentiality (security)
7) Accountability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the Lawfulness, fairness and transparency law?

A

Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject. There must be valid grounds for collecting and using personal data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is the purpose limitation law?

A

Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the data minimisation law?

A

Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. Not gathering any more than needed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the data minimisation law?

A

Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. Not gathering any more than needed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the accuracy law?

A

Personal data shall be accurate and where necessary kept up to date.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the storage limitation law?

A

Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the integrity and confidentiality law?

A

Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate measures.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the accountability law?

A

The controller shall be responsible for and be able to demonstrate compliance with the Data Protections Principles.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are the customer rights under GDPR?

A
Right to be informed
Right to access
Right to rectification
Right to erasure
Right to restriction of processing
Right to data portability
Right to object
Rights regrading automated decision making
16
Q

What is the Right to be informed?

A

Customers have a right to be informed that their data is being used and for what purpose.

17
Q

What is the Right Of Access

A

Customers have the right to access their data. This must be enabled either through business process or technical means.

18
Q

Wat is the Right to Rectification?

A

Customers have the right to correct information that they believe might be inaccurate.

19
Q

What is the Right to Erasure?

A

Customers have the right to be forgotten, provided that your legitimate interest to hold such information does not override theirs.

20
Q

What is the Right to restriction of processing?

A

Customers have the right to request that you stop processing their data.

21
Q

What is the right to data portability?

A

Machine and readable export of customers’ personal information must be enabled.

22
Q

What is the right to object?

A

Customer has the right to object to you using their data.

23
Q

What is Rights regarding automated decision making?

A

Customer has the right not to be subject to a decision based solely on automated processing, including profiling.