Privacy and Data Protection Foundation
Last Update 1 day ago
Total Questions : 149
PDPF is stable now with all latest exam questions are added 1 day ago. Just download our Full package and start your journey with Exin Privacy and Data Protection Foundation certification. All these Exin PDPF practice exam questions are real and verified by our Experts in the related industry fields.
When personal data are processed, who is ultimately responsible for demonstrating compliance with the GDPR?
We know that when a personal data breach occurs, the data controller (Controller) must notify the Supervisory Authority within 72 hours, without justified delay. However, should the Controller do if it is unable to communicate within this time?
The GDPR describes the principle of data minimization. How can organizations comply with this principle?
According to the GDPR, for which situations should a Data Protection Impact Assessment (DPIA) be conducted?
A person buys a product at a store located in the European Economic Area (EEA). At the time of purchase, you are asked to fill out a registration form and he informs his personal email.
As is usual in many stores, in the next few days this person will start receiving several marketing emails. He considers the frequency of these emails to be very high. Demanding his rights, he asks the store to delete all his personal data.
What the store must do according to the General Data Protection Regulation (GDPR)?
A written contract between a controller and a processor is called a data processing agreement. According to
the GDPR, what does not have to be covered in the written contract?
What is called the adequacy decision that allows data transfer between the United States and the European Economic Area (EEA)?
Which organizations need to comply with the General Data Protection Regulation (GDPR)?
The word privacy is never mentioned in the General Data Protection Regulation (GDPR) text.
Despite this, what would be the best definition of the privacy according to the Regulation?
To comply with the General Data Protection Regulation (GDPR) it is necessary to create a procedure for reporting data breaches to the Supervisory Authority.
As the controller is a public administration agency, which option is a requirement for this procedure?
A gentleman has a loan denied by the bank’s system that he has been a customer for many years. He is disgusted, because the loan would make it possible to hold the wedding of his only granddaughter.
He contacts the bank and asks for explanations. He wants to know exactly why his loan was denied and based on what information.
What right is required by the data subject according to the GDPR?
The GDPR contains several items. Which of these contains mandatory requirements?
A secretary at a pediatric cardiology clinic instead of sending the doctor the list of patients scheduled for the day, sends it to all those responsible registered for the children with scheduled appointments.
According to the GDPR, does the Supervisory Authority need to be notified? And those responsible for the data holders?
In its Article 9 the GDPR categorizes some types of personal data as “sensitive”.
Of these below which are considered sensitive?
A shopkeeper wants to register how many visitors enter his shop every day. A system detects the MAC- address of each visitor’s smartphone. It is impossible for the shopkeeper to identify the owner of the phone from this signal, but telephone providers can link the MAC-address to the owner of the phone. According to the GDPR, is the shopkeeper allowed to use this method?
Subcontracting treatment is regulated by contract or other regulatory act under Union or Member State law, which links the processor to the controller.
What this contract or other regulatory act stipulates?
The General Data Protection Regulation (GDPR) is based on the principles of proportionality and subsidiarity.
What is the meaning of “proportionality” in this context?
A personal data breach has occurred, and the controller is writing a draft notification for the supervisory authority. The following information is already in the notification:
-The nature of the personal data breach and its possible consequences.
-Information regarding the parties that can provide additional information about the data breach.
What other information must the controller provide?
What is the term used in the General Data Protection Regulation (GDPR) for the disclosure of, or unauthorized access to, personal data?
The General Data Protection Regulation (GDPR) in its Article 30 legislates on the Records of treatment activities.
If requested, the controller must provide these records:
Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. Which data processing principle is described here?
TESTED 02 May 2024
Hi this is Romona Kearns from Holland and I would like to tell you that I passed my exam with the use of exams4sure dumps. I got same questions in my exam that I prepared from your test engine software. I will recommend your site to all my friends for sure.
Our all material is important and it will be handy for you. If you have short time for exam so, we are sure with the use of it you will pass it easily with good marks. If you will not pass so, you could feel free to claim your refund. We will give 100% money back guarantee if our customers will not satisfy with our products.