Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

European Data Protection CIPP E > Test Questions > Flashcards

Test Questions Flashcards

1
Q

When does an organization need to take action to legitimize cross-border transfers?

A

when data transferred from a jurisdiction in the EU to a 3rd country not adequate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is the time period within which a controller needs to respond to a data subject request?

A

without undue delay or within one month of receiving request

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

As a regulation, are GDPR’s provisions binding?

A

Yes.

on EU member states but leaves discretion in some areas

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

When processing an individual’s personal data in the context of direct marketing activities, what must data controllers do?

A

provide individuals with information explaining that their personal data will be used for marketing purposes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Can you require consent?

A

No.

consent must be freely given - given on a voluntary basis. there must be a real choice. any element of inappropriate pressure or influence renders the consent invalid.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What information should be provided in an employer notice about monitoring?

A

purpose of monitoring
potential uses of the data
employee rights related to their data
whom employees should contact

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What must a controller do upon receiving a proper request for erasure and that data has been made public?

A

take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What was a major goal of the OECD Guidelines, Convention 108 and Data Protection Directive?

A

synchronization of approaches to data protection

(harmonized approach)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the 7 Privacy Shield principles?

A
  1. Notice
  2. Access
  3. Choice
  4. Accountability for onward transfer
  5. Security
  6. Data integrity and purpose limitation
  7. Recourse, enforcement and liability
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How is pseudyonmous data defined in GDPR?

A

Data that cannot be attributed to a specific data subject without the use of additional
information kept separately.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

When does the right not to be subject to automated decision-making NOT apply?

A
  1. decision is necessary for entering into or performance of a contract
  2. authorized by Union or Member State law, and tehre are suitable safeguards
  3. based on data subject’s explicit consent
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Can a data subject lodge a complaint with SA without first registering complaint with controller?

A

Yes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

European Data Protection CIPP E (12 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions