Posted on

Cippe Quiz

Take the quiz to test your knowledge of CIPP/E

1. 
What should a controller do after a data subject opts out of a direct marketing activity?
2. 
When is the data sharing agreement MOST likely to be needed?
3. 
What permissions are required for a marketer to send an email marketing message to a consumer in the EU?
4. 
Which of the following would require designating a data protection officer?
5. 
Under the GDPR, which essential pieces of information must be provided to data subjects before collecting their personal data?
6. 
What term BEST describes the European model for data protection?
7. 
With respect to international transfers of personal data, the European Data Protection Board (EDPB) confirmed that derogations may be relied upon under what condition?
8. 
What is the key difference between the European Council and the Council of the European Union?
9. 
In addition to the European Commission, who can adopt standard contractual clauses, assuming that all required conditions are met?
10. 
Under what circumstances might the “soft opt-in” rule apply in relation to direct marketing?
11. 
Select the answer below that accurately completes the following: “The right to compensation and liability under the GDPR…
12. 
What must a data controller do in order to make personal data pseudonymous?
13. 
Which of the following was the first legally binding international instrument in the area of data protection?
14. 
A mobile device application that uses cookies will be subject to the consent requirement of which of the following?
15. 
Which of the following is NOT an explicit right granted to data subjects under the GDPR?
16. 
After leaving the EU under the terms of Brexit, the United Kingdom will seek an adequacy determination. What is the reason for this?
17. 
WP29’s “Guidelines on Personal data breach notification under Regulation 2016/679’ provides examples of ways to communicate data breaches transparently. Which of the following was listed as a method that would NOT be effective for communicating a breach to data subjects?
18. 
Why is it advisable to avoid consent as a legal basis for an employer to process employee data?
19. 
Pursuant to Article 4(5) of the GDPR, data is considered “pseudonymized” if?
20. 
Under Article 9 of the GDPR, which of the following categories of data is NOT expressly prohibited from data processing?

Write a comment