Free CIPP-E Exam Dumps

Question 51

How is the GDPR’s position on consent MOST likely to affect future app design and implementation?

A. App developers will expand the amount of data necessary to collect for an app’s functionality.
B. Users will be given granular types of consent for particular types of processing.
C. App developers’ responsibilities as data controllers will increase.
D. Users will see fewer advertisements when using apps.

Correct Answer:B

Question 52

Which institution has the power to adopt findings that confirm the adequacy of the data protection level in a non-EU country?

A. The European Parliament
B. The European Commission
C. The Article 29 Working Party
D. The European Council

Correct Answer:B

Question 53

Which of the following does NOT have to be included in the records most processors must maintain in relation to their data processing activities?

A. Name and contact details of each controller on behalf of which the processor is acting.
B. Categories of processing carried out on behalf of each controller for which the processor is acting.
C. Details of transfers of personal data to a third country carried out on behalf of each controller for which the processor is acting.
D. Details of any data protection impact assessment conducted in relation to any processing activities carried out by the processor on behalf of each controller for which the processor is acting.

Correct Answer:C

Question 54

What is the key difference between the European Council and the Council of the European Union?

A. The Council of the European Union is helmed by a president.
B. The Council of the European Union has a degree of legislative power.
C. The European Council focuses primarily on issues involving human rights.
D. The European Council is comprised of the heads of each EU member state.

Correct Answer:D

Question 55

SCENARIO
Please use the following to answer the next question:
BHealthy, a company based in Italy, is ready to launch a new line of natural products, with a focus on sunscreen. The last step prior to product launch is for BHealthy to conduct research to decide how extensively to market its new line of sunscreens across Europe. To do so, BHealthy teamed up with Natural Insight, a company specializing in determining pricing for natural products. BHealthy decided to share its existing customer information – name, location, and prior purchase history – with Natural Insight. Natural Insight intends to use this information to train its algorithm to help determine the price point at which BHealthy can sell its new sunscreens.
Prior to sharing its customer list, BHealthy conducted a review of Natural Insight’s security practices and concluded that the company has sufficient security measures to protect the contact information. Additionally, BHealthy’s data processing contractual terms with Natural Insight require continued implementation of technical and organization measures. Also indicated in the contract are restrictions on use of the data provided by BHealthy for any purpose beyond provision of the services, which include use of the data for continued improvement of Natural Insight’s machine learning algorithms.
Under the GDPR, what are Natural Insight’s security obligations with respect to the customer information it received from BHealthy?

A. Appropriate security that takes into account the industry practices for protecting customer contact information and purchase history.
B. Only the security measures assessed by BHealthy prior to entering into the data processing contract.
C. Absolute security since BHealthy is sharing personal data, including purchase history, with Natural Insight.
D. The level of security that a reasonable data subject whose data is processed would expect in relation to the data subject’s purchase history.

Correct Answer:A