
Exam (elaborations)

Corey CIPP_E Study Guide.


  • May 28, 2024
  • 8
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers
Corey CIPP/E Study Guide

When do you need a DPO? - ANS-If the core activity of the processor or controller
includes:
• Regular and systematic processing on a large scale
• Processing special categories of data on a large scale
• Monitoring of a large scale geographical area
• Processing by public bodies other than courts

When do controllers and processors have to keep records (Article 30)? - ANS-If they
have 250 or more employees, or the processing is likely to result in a risk to data
subjects, or processing is not occasional, or processing includes special categories

When do you not need a DPIA even if you are doing processing that involves high
risk? - ANS-For a legal obligation purpose (employment) or for execution of a public task
(tax)

Which institution is eligible to approve Binding Corporate Rules? - ANS-Supervisory
Authority

What are the Privacy Shield self-certification requirements? - ANS-Commit to adhere to
the Privacy Shield Principles and publicise the commitment, publicly disclose privacy
policy, implement the principles, Renew certification annually

Why can't a US financial institution be eligible for Privacy Shield? - ANS-Because it is
not under the enforcement authority of Federal Trade Commission

What is the current list of adequate countries and the period to review the adequacy? -
ANS-Uruguay, Argentina, Canada (commercial organisations only), US (Privacy Shield),
Andorra, Jersey & Guernsey, Isle of Man, Israel, Switzerland, New Zealand, Faeroe
Islands - 4 years

What are the legal bases to transfer data outside of the EEA? - ANS-Adequacy Decisions,
Appropriate Safeguards (Binding Corporate Rules, Standard Clauses, Codes of conduct
or certification, Ad hoc contractual clauses authorised by SA, International Agreements),
Derogations (as last resort)

When does the household exemption for GDPR not apply? - ANS-If you act on behalf of
an organisation or you knowingly extend the access to data beyond a selected group of
contacts (i.e. making it public)

What is the exception to the opt-in rule for B2C marketing? - ANS-If you collected the
contact details in the context of a sale transaction (including presales) and marketing is
related to first-party products and opt-out is offered at the point of data collection and
opt-out is offered in every subsequent communication

What information do you need to include in a CCTV notice? - ANS-Identity and contact of
controller + Purpose

What are the permitted uses of metadata according to ePrivacy? - ANS-Quality of
service requirements, billing and interconnection payments, Prevent fraud and abuse

What are the 4 considerations for monitoring? - ANS-Necessity (can you use another
method?), Proportionality (proportional to purpose), Legitimacy (Lawful basis),
Transparency (Inform the data subject)

Who monitors personal data processing of EU bodies? - ANS-European Data Protection
Supervisor

What are the powers of Supervisory Authority and examples for each power? -
ANS-Investigative (Conduct audits, obtain access to premises), Corrective (issue fines,
ban processing), Authorisation & Advisory (Approve BCRs, Accredit certification bodies)

What information should be provided to data subjects for cross-border transfers? -
ANS-Existence or absence of an adequacy decision, Intent to transfer to another
country or multinational organisation, A reference to safeguards

What are cross-border transfer derogations? - ANS-Explicit consent, performance of a
contract, Public Interest, Legal claims, Transfer from a register of public information,
Legitimate Interest (only if it is one-off, not systematic, limited number of data subjects
and you must inform data subject + SA)

What are the responsibilities of a Supervisory Authority? - ANS-Represent member
state in EDPB, Promote, monitor and enforce GDPR, Protect fundamental human rights,
Facilitate free flow of personal data

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller modocko752. Stuvia facilitates payment to the seller.