Privacy

Question 1

What is privacy

Answer 1

Refers to a moral right of individuals to avoid intrusion into their personal affairs by third parties

Question 2

What type of information is collected by digital marketers

Answer 2

Contact information
Profile information
Platform usage
Behavioural insights on a single site 
Behavioural information on multiple sites

Question 3

How is contact information approached

Answer 3

Online forms

Cookies

Question 4

How is profile information collected

Answer 4

Online registration forms

Cookies

Question 5

How is platform usage identified

Answer 5

Analytics

Question 6

How are behavioural insights collected

Answer 6

Purchase history
Web analytics
First party cookies
Malware

Question 7

How is behaviour information on multiple sites collected

Answer 7

Third party cookies
Search engines
Sites monitoring internet traffic

Question 8

What is GDPR

Answer 8

General data protection regulation

Question 9

What are the requirements of GDPR

Answer 9

All data controllers and processors that handle the personal information of EU residents must implement the appropriate technical and organisational measures to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services or face fines up to 20 million euro or 4% of annual global turnover

Question 10

Who does GDPR apply to

Answer 10

All member states of the EU

And any organisation anywhere in the world that provides service into the EU involving processing personal data

Question 11

2 benefits of GDPR

Answer 11

Protects the rights privacy and freedom of EU people
Helps business operate uniformly across all eu states
Facilitates the free movement of data throughout the EU

Question 12

5 important terms in privacy

Answer 12

Processing
Controller
Processor 
Personal data 
Supervisory authority

Question 13

What does processing mean

Answer 13

Any operation which is perform d on personal data eg 
Collecting 
Recording
Organising 
Structuring 
Storing
Adapting
Retrieving 
Consulting 
Using
Disclosing 
Transmission
Dissemination 
Making available alignment or combination, restriction, erasure or destruction

Question 14

What does controller mean

Answer 14

The natural or legal person, public authority max agency or other body which determines the purposes and means of processing personal data

Question 15

What is a processor

Answer 15

The natural or legal person, public authority, agency, or other body which proceeded personal data on behalf of the controller

Question 16

What is personal data

Answer 16

Any information relating to an identified or identifiable person or ‘data subject’.
An identifiable natural person is one who can be identified directly or indirectly in particular reference to an identifier such as name, id number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the person.

Question 17

What is supervisory authority

Answer 17

An independent public authority which is established by a member state pursuant to article 51.
It is the governmental organisation in each member state that is responsible for the enforcement of GDPR
UK- ICO information commissioners office

Question 18

What are data subject rights

Answer 18

Rights data subjects have in relation to their personal data

Question 19

What are four examples of data subject rights

Answer 19

The right for individuals to have a sense of control over their personal data through obligating organisations to provide transparency on their data processing methods

The entitlement for data subjects to complain to supervisory authorities and seek judicial remedies against controllers and processes for damages (both materials and non material) arising from breaches of the GDPR

The security of any personal data that is passed to a processor which the controller is responsible for, wether the processor is inside or outside the EU

The time limits for organisations to respond to subject access requests and introduce new rights such as the right to data portability

Question 20

What information does right to access regulation state data subjects must be given access to

Answer 20

A copy of their personal data
The purposes of processing their data
The categories of the data being processed
The third parties or categories of third parties that will receive their data

Question 21

How long does GDPR give data controllers to respond to right to access requests

Answer 21

1 month and it should be free of charge

Question 22

What is the right to rectification

Answer 22

The data subject had the right to rectify any inaccuracies in the personal data held about them
Eg if customers view their personal data online you might use the same web interface to allow them to edit their personal data

Question 23

What is the right to be forgotten

Answer 23

Data subjects can request that information is erased if they withdraw consents or there is an issue with the underlying legality of the processing

Question 24

Reasons organisations are not automatically obliged to delete data under GDPR

Answer 24

1) to protect the right of freedom of expression and information
2) to comply with a EU legal obligation
3) to perform a task in the wider public Interest or exercise of official authority
4) for public health reasons
5) for archiving scientific or historical research or statistical purposes
6) for the establishment, exercise or defence of legal claims

Question 25

What is the right to restriction of processing

Answer 25

Although an organisation can store the personal data this right means that it can’t process the data further unless the individual gives their consent to lift the restriction or the processing is necessary for the establishment of legal claims, to protect the right of another person or interest if the wider public

Question 26

When does an individual have the right to restrict the processing of data

Answer 26

If they contest the accuracy of the data
If the processing of the data is unlawful but the data subject does not want their data to be erased and instead requests the restriction of their use
If the controller no longer needs the personal data for purposes of processing but the data subject requires the data to establish exercise or defend legal claims
If they object to their data in accordance with the right to object and restriction is used while
The controller seeks to verify the legitimate grounds for continuing processing

Question 27

What is the right to data portability

Answer 27

The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability.

Question 28

What is the right to object

Answer 28

A data subject can object to having their personal data processed

The UK GDPR gives individuals the right to object to the processing of their personal data in certain circumstances.
Individuals have an absolute right to stop their data being used for direct marketing.
In other cases where the right to object applies you may be able to continue processing if you can show that you have a compelling reason for doing so.
You must tell individuals about their right to object.
An individual can make an objection verbally or in writing.
You have one calendar month to respond to an objection.

Question 29

What is consent

Answer 29

The data subject freely gives specific informed and unambiguous indication of the data subjects wishes by which he kr she signifies agreement to the processing of Personal data