CIPP E Exam Questions
and Complete Solutions
Graded A+
A key component of the OECD Guidelines is the 'individual participation principle.' What parts of the
GDPR provide the closest equivalent? - Answer: Rights granted to data subjects under Articles 12 to 23
Under the GDPR, when processing data for direct marketing activities, data controllers must do which of
the following? - Answer: Provide info explaining how personal data will be used for marketing purposes
How does the GDPR define processing? - Answer: Any operation or set of operations performed on
personal data or on sets of personal data
Which of the following is a right/freedom that must be considered when balancing privacy rights under
the GDPR? - Answer: Freedom of expression
Which of the following is a right/freedom that must be considered when balancing privacy rights under
the GDPR? - Answer: Freedom to conduct lawful business
Much of the GDPR builds upon the Data Protection Directive. Which of the following data subject rights
is the only right that did NOT exist in some form in the Directive? - Answer: Right to data portability
Under the right to be forgotten, what is a controller required to do when they receive a proper request
for erasure from a data subject? - Answer: Inform all third party controllers processing shared personal
data that they must delete it
What is one major goal that the OECD Guidelines, Convention 108 and the Data Protection Directive had
in common but largely failed to achieve in Europe? - Answer: Synchronization of the approaches to data
protection
, Which of the following is one of the seven EU-US and Swiss-US Privacy Shield Principles? - Answer:
Security
Which of the following is one of the seven EU-US and Swiss-US Privacy Shield Principles? - Answer:
Access
Which of the following is a piece of criteria that the supervisory authority may take into account when
determining the amount of a fine? - Answer: Actions taken by the controller to mitigate the damage
suffered by the data subjects
According to the GDPR, how is pseudonymous personal data defined? - Answer: Data that cannot be
attributed to a specific data subject without the use of additional information kept separately
Processing of biometric data requires both a lawful basis and ________________, otherwise, it is
generally prohibited by the GDPR. - Answer: condition for processing
True / False: Article 30's record keeping requirement has absolutely no exceptions for companies
employing fewer than 250 people. - Answer: False: There are three exceptions
A company must appoint a DPO, whether it is a controller or processor, if its core activities involve
______________. - Answer: processing of sensitive data on a large scale
Which treaty created the European Union? - Answer: 1992 Maastricht Treaty
When is a data sharing agreement most likely to be needed? - Answer: When personal data is being
shared between commercial organisations acting as joint data controllers.
What should an organisation consider when determining appropriate periods for retaining personal
data? - Answer: Whether the stated purpose for collecting the personal data still applies.
True / False: The GDPR sets specific guidelines for background checks. - Answer: False: The GDPR does
not set specific guidelines for background checks, but privacy principles must be taken into account
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller YourExamplug. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $14.49. You're not tied to anything after your purchase.