- Home
- IAPP
- Certified Information Privacy Professional/Europe (CIPP/E)
- IAPP.CIPP-E.v2024-06-20.q123
- Question 82
Valid CIPP-E Dumps shared by ExamDiscuss.com for Helping Passing CIPP-E Exam! ExamDiscuss.com now offer the newest CIPP-E exam dumps, the ExamDiscuss.com CIPP-E exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CIPP-E dumps with Test Engine here:
Access CIPP-E Dumps Premium Version
(298 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 82/123
Company X has entrusted the processing of their payroll data to Provider Y. Provider Y stores this encrypted data on its server. The IT department of Provider Y finds out that someone managed to hack into the system and take a copy of the data from its server. In this scenario, whom does Provider Y have the obligation to notify?
Correct Answer: B
According to Article 33 of the GDPR, in the case of a personal data breach, the processor (Provider Y) shall notify the controller (Company X) without undue delay after becoming aware of the breach. The processor does not have the obligation to notify the supervisory authority, the public, or law enforcement, unless otherwise required by law. The controller is responsible for notifying the supervisory authority and, where necessary, the data subjects, unless the breach is unlikely to result in a risk to their rights and freedoms. Reference:
Article 33 of the GDPR, which regulates the notification of a personal data breach to the supervisory authority.
[Article 34 of the GDPR], which regulates the communication of a personal data breach to the data subject.
ICO guidance, which explains the roles and responsibilities of controllers and processors in relation to data breach notification.
Article 33 of the GDPR, which regulates the notification of a personal data breach to the supervisory authority.
[Article 34 of the GDPR], which regulates the communication of a personal data breach to the data subject.
ICO guidance, which explains the roles and responsibilities of controllers and processors in relation to data breach notification.
- Question List (123q)
- Question 1: According to the European Data Protection Board, which of th...
- Question 2: Since blockchain transactions are classified as pseudonymous...
- Question 3: SCENARIO Please use the following to answer the next questio...
- Question 4: SCENARIO Please use the following to answer the next questio...
- Question 5: Tanya is the Data Protection Officer for Curtains Inc., a GD...
- Question 6: The transparency principle is most directly related to which...
- Question 7: Under what circumstances would the GDPR apply to personal da...
- Question 8: SCENARIO Please use the following to answer the next questio...
- Question 9: Read the following steps: Discover which employees are acces...
- Question 10: What is true if an employee makes an access request to his e...
- Question 11: Which of the following is one of the supervisory authority's...
- Question 12: To provide evidence of GDPR compliance, a company performs a...
- Question 13: What is a reason the European Court of Justice declared the ...
- Question 14: What is the most frequently used mechanism for legitimizing ...
- Question 15: SCENARIO Please use the following to answer the next questio...
- Question 16: An unforeseen power outage results in company Z's lack of ac...
- Question 17: When is data sharing agreement MOST likely to be needed?...
- Question 18: Which of the following would NOT be relevant when determinin...
- Question 19: Which marketing-related activity is least likely to be cover...
- Question 20: Which of the following is NOT considered a fair processing p...
- Question 21: When does the GDPR provide more latitude for a company to pr...
- Question 22: Which change was introduced by the 2009 amendments to the e-...
- Question 23: SCENARIO Please use the following to answer the next questio...
- Question 24: Which area of privacy is a lead supervisory authority's (LSA...
- Question 25: MagicClean is a web-based service located in the United Stat...
- Question 26: Please use the following to answer the next question: Wonder...
- Question 27: Which of the following was the first to implement national l...
- Question 28: Which of the following Convention 108+ principles, as amende...
- Question 29: SCENARIO Please use the following to answer the next questio...
- Question 30: Which of the following entities would most likely be exempt ...
- Question 31: Which GDPR principle would a Spanish employer most likely de...
- Question 32: SCENARIO Please use the following to answer the next questio...
- Question 33: SCENARIO Please use the following to answer the next questio...
- Question 34: SCENARIO Please use the following to answer the next questio...
- Question 35: SCENARIO Please use the following to answer the next questio...
- Question 36: Which of the following is NOT exempt from the material scope...
- Question 37: Under the GDPR, which essential pieces of information must b...
- Question 38: SCENARIO Please use the following to answer the next questio...
- Question 39: What are the obligations of a processor that engages a sub-p...
- Question 40: SCENARIO Please use the following to answer the next questio...
- Question 41: SCENARIO Please use the following to answer the next questio...
- Question 42: What type of data lies beyond the scope of the General Data ...
- Question 43: Bioface is a company based in the United States. It has no s...
- Question 44: SCENARIO Please use the following to answer the next questio...
- Question 45: The GDPR specifies fines that may be levied against data con...
- Question 46: A company has collected personal data tor direct marketing p...
- Question 47: After detecting an intrusion involving the theft of unencryp...
- Question 48: SCENARIO Please use the following to answer the next questio...
- Question 49: Which of the following describes a mandatory requirement for...
- Question 50: A data controller appoints a data protection officer. Which ...
- Question 51: Based on GDPR Article 35, which of the following situations ...
- Question 52: Which statement provides an accurate description of a direct...
- Question 53: A homeowner has installed a motion-detecting surveillance sy...
- Question 54: For which of the following operations would an employer most...
- Question 55: SCENARIO Please use the following to answer the next questio...
- Question 56: SCENARIO Please use the following to answer the next questio...
- Question 57: When collecting personal data in a European Union (EU) membe...
- Question 58: What is the primary purpose of Convention 108+, which amends...
- Question 59: SCENARIO Please use the following to answer the next questio...
- Question 60: With the issue of consent, the GDPR allows member states som...
- Question 61: What permissions are required for a marketer to send an emai...
- Question 62: In which situation would a data controller most likely be ab...
- Question 63: It a company receives an anonymous email demanding ransom fo...
- Question 64: Which mechanism, new to the GDPR, now allows for the possibi...
- Question 65: SCENARIO Please use the following to answer the next questio...
- Question 66: When may browser settings be relied upon for the lawful appl...
- Question 67: Two companies, Gellcoat and Freifish, make plans to launch a...
- Question 68: Which sentence BEST summarizes the concepts of "fairness," "...
- Question 69: SCENARIO Please use the following to answer the next questio...
- Question 70: Which of the following is NOT an explicit right granted to d...
- Question 71: In the wake of the Schrems II ruling, which of the following...
- Question 72: SCENARIO Please use the following to answer the next questio...
- Question 73: SCENARIO Please use the following to answer the next questio...
- Question 74: How is the retention of communications traffic data for law ...
- Question 75: If two controllers act as joint controllers pursuant to Arti...
- Question 76: With respect to international transfers of personal data, th...
- Question 77: In addition to the European Commission, who can adopt standa...
- Question 78: SCENARIO Please use the following to answer the next questio...
- Question 79: A dynamic Internet Protocol (IP) address is considered perso...
- Question 80: How is the GDPR's position on consent MOST likely to affect ...
- Question 81: Which of the following would require designating a data prot...
- Question 82: Company X has entrusted the processing of their payroll data...
- Question 83: SCENARIO Please use the following to answer the next questio...
- Question 84: Which of the following demonstrates compliance with the acco...
- Question 85: Article 29 Working Party has emphasized that the GDPR forbid...
- Question 86: What is the key difference between the European Council and ...
- Question 87: SCENARIO Please use the following to answer the next questio...
- Question 88: SCENARIO Please use the following to answer the next questio...
- Question 89: SCENARIO Please use the following to answer the next questio...
- Question 90: SCENARIO Please use the following to answer the next questio...
- Question 91: Under the GDPR, where personal data is not obtained directly...
- Question 92: What was the aim of the European Data Protection Directive 9...
- Question 93: Which judicial body makes decisions on actions taken by indi...
- Question 94: SCENARIO Please use the following to answer the next questio...
- Question 95: According to Article 14 of the GDPR, how long does a control...
- Question 96: WP29's "Guidelines on Personal data breach notification unde...
- Question 97: SCENARIO Please use the following to answer the next questio...
- Question 98: SCENARIO Please use the following to answer the next questio...
- Question 99: To receive a preliminary interpretation on provisions of the...
- Question 100: Under the GDPR, who would be LEAST likely to be allowed to e...
- Question 101: Which of the following countries will continue to enjoy adeq...
- Question 102: SCENARIO Please use the following to answer the next questio...
- Question 103: An organisation receives a request multiple times from a dat...
- Question 104: SCENARIO Please use the following to answer the next questio...
- Question 105: SCENARIO Please use the following to answer the next questio...
- Question 106: An organization conducts body temperature checks as a part o...
- Question 107: In the event of a data breach, which type of information are...
- Question 108: The European Parliament jointly exercises legislative and bu...
- Question 109: SCENARIO Please use the following to answer the next questio...
- Question 110: SCENARIO Please use the following to answer the next questio...
- Question 111: SCENARIO Please use the following to answer the next questio...
- Question 112: Select the answer below that accurately completes the follow...
- Question 113: What was the main failing of Convention 108 that led to the ...
- Question 114: SCENARIO Please use the following to answer the next questio...
- Question 115: According to Art 23 GDPR, which of the following data subjec...
- Question 116: SCENARIO Please use the following to answer the next questio...
- Question 117: Under Article 9 of the GDPR, which of the following categori...
- Question 118: Which of the following is one of the supervisory authority's...
- Question 119: Pursuant to Article 17 and EDPB Guidelines S'2019 on RTBF cr...
- Question 120: Pursuant to Article 4(5) of the GDPR, data is considered "ps...
- Question 121: According to the E-Commerce Directive 2000/31/EC, where is t...
- Question 122: An entity's website stores text files on EU users' computer ...
- Question 123: What is the main task of the European Data Protection Board?...
