Outliers work on their website to company x, employee of Company X steals the data -delete it - tells boss.
Q: What is company x legally obliged to do?
A: NotifyOutliers
Outliers work on their website to company x, employee of Company X steals the data -delete it - tells boss.
Q: What does ...
employee of company x steals the data delete it tells boss q what is company x legally obliged to do
o
Written for
CIPP/E
All documents for this subject (661)
Seller
Follow
STOMZY
Reviews received
Content preview
CIPP/E Exam Questions
Outliers work on their website to company x, employee of Company X steals the data -
delete it - tells boss.
Q: What is company x legally obliged to do? - Answer A: NotifyOutliers
Outliers work on their website to company x, employee of Company X steals the data -
delete it - tells boss.
Q: What does Outliers then need to do? - Answer A: Nothingas data was deleted
Outliers work on their website to company x, employee of Company X steals the data -
delete it - tells boss.
Q: Follows on with Cookies question? - Answer A: Consentto opt-in to cookies
Privacy notice for new Health App collecting sensitive data.
Q: What is the problem with the draft? - Answer A: Them form is asking for health
information from the outset, which is not legal
Privacy notice for new Health App collecting sensitive data
Q: Potential problem with collecting children data? - Answer A: Need to demonstrate
steps to gain parental consent
Anna is lawyer foruniversity tasked with Student Records. Frank is a professor. Four
types of data:Student Data - personal infoEmployee Data - personal infoAlumni Data -
personal infoDepartment of Education Data:demographic data - no personal identifiers
(used to see how first year students progress, etc.)Frank wants to build a database to
process data and see how first year students in his class progressed. Frank builds
algorithm to process data without identifiers. All university systems are encrypted.
Takes data to his home laptop which is not encrypted. Loses laptop
Q: Which types of data does Anna NOT have to include in her record of processing
activities? - Answer Department of Education Records
Q: What should the Anna/DPO checkto confirm he can process those data? - Answer
More information about the algorithm he has developed
Q: He losses the data, what should happen next? Should they inform the students? -
Answer Yes because potential high risk since data was not encrypted
Case study on guy gets photo taken at a gym in Germany
-consents to them using it for marketing
-Gym HQ in France
-Gyms all over EU
-He lives in UK
-Submits request to ICO in UK
-ICO refers to CNIL (this is the SA in France)
, Q: In effort of Cooperation (the lead SA, CNIL, gets their judgement) what should the
they do now? - Answer Draft a draft decision and submit to supporting SAs for their
opinion.
What does he have to do for lawsuit? (each location is a controller!) - Answer Answer:
Go to each gym branch...
Question on what he should do if he wants tosue - Answer Sue ANY relevant branch as
each can be liable for entire damage
ABC Insurance gives data to subsidiary which begins direct marketing to Jason. Jason
decides to switch insurance companies. ABC Insurance is direct marketing to Jason.
Jason asks them to stop but they say that there is a line in the contract he signed saying
he consents to direct marketing and he doesn't stop. Wants to transfer data - they give it
to him in PDF format. He asks for them to transfer and they can't because it's too time-
consuming and not feasible.
Q: According to GDPR regulations on direct marketing(note:I think the wording here is
key), can Jason stop ABC from direct marketing? - Answer Jason has right to object
and ABC must immediately stop using his data.
Q: If Jason asks to stop use of his data, what must the ABC insurance subsidiary do? -
Answer A: Stop using the data unless for legal matters in which subsidiary is involved.
Q: Did ABC violate GDPR by not sending the data to the new insurance company? -
Answer A: No, because sending it is not possible. Undue strain on the company to send
it which infringes on their rights. PDF format is enough.
Guy runs a social media company for small businesses along with a few other things.
Sends data to Hermes for Sub Processing - they then use the data to create ads on
their personal website. Girl accidentally posts her business plan in the chat function of
the website and leaves it for 2 weeks.Goes to SA about data breach. Serge posts a
quote on his Social Media page and this ends up as a quotation on the main site
attributed to Serge
Q: Why would the girl who leaked her business plan likely not have a case with GDPR: -
Answer A:Because of the nature of the data (I chose this one because it was a business
plan and likely did not contain personal data)
Q: Whats concerning about Hermes? - Answer A: They are processing for anew
purpose
Q: What did he likely miss? - Answer A: Providing an opt out fortransfer
Q: What's concerning about Serge's misuse of data? - Answer A: The data was used
out of the context of the Social Media Service and outside of service.
Based in France but hosts website and data on US hosting company.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller STOMZY. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for £8.16. You're not tied to anything after your purchase.