Tag - PDPF exam

Which of the following options describes the concept of data minimization?A . It is the minimization of data storage locations.B . It is the decrease in the space allocated for data storage.C . It is the limitation of data to the purposes for which it is treated.D . It is...

A person finds that a private videotape showing her in a very intimate situation has been published on a website. She never consented to publication and demands that the video is being removed without undue delay. According to the GDPR, what should be done next?A . Nothing. The video may...

What does the GDPR concept of ‘binding corporate rules’ (BCR) imply?A . A commission decision on the safety of data transfer to a third countryB . A set of rules used by a group of enterprises concerning personal data protection in international transfersC . Measures to compensate for the lack...

Which organizations need to comply with the General Data Protection Regulation (GDPR)?A . Only organizations that have employees in the European Union (EU).B . Only organizations that have their headquarters in the European Union (EU).C . All organizations anywhere in the world.D . All organizations located in the European Union...

GDPR quotes in one of its principles that personal data should be adequate, relevant and limited to what is necessary in relation to its purpose. What principle is this?A . integrity and confidentialityB . purpose limitationC . data minimizationD . lawfulness, loyalty and transparencyView AnswerAnswer: C Explanation: In its Article...

In the contract between the controller and processor for the processing of personal data, which of the options below represents the sole responsibility of the Controller?A . Erase all personal data after the completion of treatment-related services, deleting existing copies.B . Treat personal data only through documented instructions, including with...

Someone regularly receives offers from a store where he purchased something five years ago. He wants the company to stop sending offers and to wipe his personal data. Which aspect of the rights of a data subject in the General Data Protection Regulation (GDPR) requires the company to comply?A ....

Important technical requirements set out in the General Data Protection Regulation (GDPR) are about data quality. One is the obligation to ensure appropriate security, including protection against unauthorized or unlawful processing. What is another important technical requirement?A . To ascertain that personal data collection is adequate, relevant and limited to...

Personal data can be transferred outside of the EEA. According to the GDPR, which transfers outside the EEA are always lawful? A. Transfers based on the laws of the non-EEA country concerns B. Transfers falling under World Trade Organization rules C. Transfers governed by approved binding corporate rules (BCR) D....

A company is planning to process personal data. The recently appointed data protection officer (DPO) executes a data protection impact assessment (DPIA). The DPO finds that all computers have a setting causing monitors to show a screen saver after five seconds of inaction. However, the computers are not locked automatically....