CIPP/E Test Questions & Answers
What is the importance of the Treaty of Rome (1957) on the Data Protection Directive and the
GDPR? - ANS - Allowed the Data Protection Directive and GDPR to be setup as harmonization
fo
...
CIPP/E Test Questions & Answers
What is the importance of the Treaty of Rome (1957) on the Data Protection Directive and the
GDPR? - ANS - Allowed the Data Protection Directive and GDPR to be setup as harmonization
for European member states.
How many member states in the European Union? - ANS - 28 member states
What is the European Economic Area composed of? - ANS - EU member states + Iceland +
Liechtenstien + Norway
What are the key characteristics of the Data Protection Directive? - ANS - - Places obligations on
member states
- Is transposed into 28 national laws in the EU
- Differs across member states
- Formed the Article 29 Working Party
In what ways is the GDPR different from the Data Protection Directive? - ANS - The GDPR:
- is directly applicable and enforceable as law
- provides one set of data protection rules for all
- allows member states a degree of tailoring
- forms the European Data Protection Board (EDPB)
What are the special categories of personal data? - ANS - - racial origin
- ethic origin
- political opinions
- religious beliefs
- philosophical beliefs
- trade-union membership
- genetic data
- biometric data
- health data
- sex life
- sexual orientation
(- criminal convictions and offences can only be processed by authorities with safeguards)
What is a supervisory authority? - ANS - A Data Protection Authority (DPA) - an entity
appointed to enforce privacy or data protection laws and regulation in a particular jurisdiction.
What is the definition of data processing? - ANS - Any operation or set of operations which is
performed on personal data or on sets of personal data, whether or not by automated means.
What are the GDPR data processing principles? - ANS - - Lawfulness, fairness, and transparency
of processing
- Purpose limitation
- Data minimization and proportionality
- Data quality and accuracy
- Storage limitation
- Integrity and confidentiality
- Accountability
What are the two types of scope needed for the GDPR to apply? - ANS - - territorial scope
- material scope
When is territorial scope satisfied? - ANS - GDPR applies if a controller or processor:
(1) is established in the EU,
(2) offers goods or services to EU residents,
(3) monitors behavior of EU residents,
(4) is outside the EU, but EU member state law applies
Companies without presence in the EU need to comply!
What is outside the material sc
[Show More]
.png)
.png)
.png)
