Black Friday Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Exin PDPF Exam Made Easy: Step-by-Step Preparation Guide

Questions 21

What does the principle of ‘data minimization’ mean?

Options:

A.

Personal data shall be accurate and where necessary kept up to date.

B.

Personal data shall be adequate and limited to what is necessary for the purposes of the processing.

C.

Personal data shall be processed in a manner that ensures appropriate security of the personal data.

D.

Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject.

Buy Now
Questions 22

Under what EU legislation is data transfer between the EEA and the U.S.A. allowed?

Options:

A.

An adequacy decision based on the Privacy Shield program

B.

An adequacy decision by reason of US domestic legislation

C.

The Transatlantic Trade an Investment Partnership (TTIP)

D.

The U.S.A.’s commitment to join the European Economic Area

Buy Now
Questions 23

Data protection and privacy are closely related terms. Which of these options best represent this relationship?

Options:

A.

Privacy is a part of data protection that aims to keep personal data confidential.

B.

Data protection is a part of privacy that aims to keep personal data confidential.

C.

The two terms have the same meaning. They are synonymous.

D.

Without protection of personal data there is no privacy.

Buy Now
Questions 24

A gentleman has a loan denied by the bank’s system that he has been a customer for many years. He is disgusted, because the loan would make it possible to hold the wedding of his only granddaughter.

He contacts the bank and asks for explanations. He wants to know exactly why his loan was denied and based on what information.

What right is required by the data subject according to the GDPR?

Options:

A.

Right to limitation of treatment

B.

Right to rectification

C.

Data subject’s right of access

D.

Right to object and automated individual decision-making

Buy Now
Questions 25

What does the GDPR concept of ‘binding corporate rules’ (BCR) imply?

Options:

A.

A commission decision on the safety of data transfer to a third country

B.

A set of rules used by a group of enterprises concerning personal data protection in international transfers

C.

Measures to compensate for the lack of data protection in a third country

D.

Rules covering data transfers between third countries

Buy Now
Questions 26

A Belgian company has their headquarters in France for tax purposes. They enter into a legally binding contract with a processor in the Netherlands for the processing of personal data of data subjects with various nationalities. A personal data breach occurs. The supervisory authorities start an investigation. Why is the French supervisory authority seen as the lead supervisory authority?

Options:

A.

Because the company has their headquarters in France

B.

Because France is located in the middle of Europe

C.

Because France is the largest of the three EEA countries

Buy Now
Questions 27

A controller wants to switch processors. What is necessary to review before making this change, so that it remains GDPR compliant?

Options:

A.

The matrix location of this new processor.

B.

Require the old processor to erase data.

C.

Require the old processor to port the data.

D.

Verify that the new processor has sufficient security guarantees.

Buy Now
Questions 28

According to the GDPR, what is a description of binding corporate rules (BCR)?

Options:

A.

A decision on the safety of transferring personal data to a non-EEA country

B.

A set of approved rules on personal data protection used by a group of enterprises

C.

A measure to compensate for the lack of personal data protection in a third country

D.

A set of agreements covering personal data transfers between non-EEA countries

Buy Now
Questions 29

Racial or ethnic origin, political opinions, religious or philosophical beliefs, or union membership, as well as the processing of genetic data, biometric data, health data or data relating to a person’s sexual life or sexual orientation.

What does this sentence above refer to?

Options:

A.

Available personal data categories.

B.

Rights categories of data subjects.

C.

Categories of purposes for the processing of personal data.

D.

Personal data categories.

Buy Now
Questions 30

What is the purpose of Data Lifecycle Management (DLM)?

Options:

A.

Ensure data integrity and its periodic update

B.

Ensure data confidentiality and availability throughout its useful life.

C.

Ensure that the processing of personal data, throughout its useful life complies with the GDPR

D.

Ensure data confidentiality throughout its useful life, from collection to deletion.

Buy Now