New Year Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

IAPP Updated CIPP-E Exam Questions and Answers by ayra

Page: 17 / 19

IAPP CIPP-E Exam Overview :

Exam Name: Certified Information Privacy Professional/Europe (CIPP/E)
Exam Code: CIPP-E Dumps
Vendor: IAPP Certification: Certified Information Privacy Professional
Questions: 268 Q&A's Shared By: ayra
Question 68

Which of the following is NOT exempt from the material scope of the GDPR. insofar as the processing of personal data is concerned?

Options:

A.

A natural person in the course of a large-scale but purely personal or household activity.

B.

A natural person processing data foe a small-scale, purely personal or household activity.

C.

A natural person in the course of processing purely personal or household data on behalf of a spouse who is beyond the age of majority.

D.

A natural person in the course of activity conducted purely tor a personally-owned sole proprietorship.

Discussion
Question 69

SCENARIO

Please use the following to answer the next question:

Financially, it has been a very good year at ARRA Hotels: Their 21 hotels, located in

Greece (5), Italy (15) and Spain (1), have registered their most profitable results

ever. To celebrate this achievement, ARRA Hotels' Human Resources office, based

in ARRA's main Italian establishment, has organized a team event for its 420

employees and their families at its hotel in Spain.

Upon arrival at the hotel, each employee and family member is given an electronic

wristband at the reception desk. The wristband serves a number of functions:

. Allows access to the "party zone" of the hotel, and emits a buzz if the user

approaches any unauthorized areas

. Allows up to three free drinks for each person of legal age, and emits a

buzz once this limit has been reached

. Grants a unique ID number for participating in the games and contests that

have been planned.

Along with the wristband, each guest receives a QR code that leads to the online

privacy notice describing the use of the wristband. The page also contains an

unchecked consent checkbox. In the case of employee family members under the

age of 16, consent must be given by a parent.

Among the various activities planned for the event, ARRA Hotels' HR office has

autonomously set up a photocall area, separate from the main event venue, where

employees can come and have their pictures taken in traditional carnival costume.

The photos will be posted on ARRA Hotels' main website for general marketing

purposes.

On the night of the event, an employee from one of ARRA's Greek hotels is

displeased with the results of the photos in which he appears. He intends to file a

complaint with the relevant supervisory authority in regard to the following:

. The lack of any privacy notice in the separate photocall area

The unlawful cross-border processing of his personal data

. The unacceptable aesthetic outcome of his photos

Why would consent NOT be considered an adequate legal basis for accessing the

party zone?

Options:

A.

The consent is not completely unambiguous.

B.

The consent is not sufficiently informed.

C.

The consent is not freely given.

D.

The consent is not in writing.

Discussion
Question 70

Which of the following would MOST likely trigger the extraterritorial effect of the GDPR, as specified by Article 3?

Options:

A.

The behavior of suspected terrorists being monitored by EU law enforcement bodies.

B.

Personal data of EU citizens being processed by a controller or processor based outside the EU.

C.

The behavior of EU citizens outside the EU being monitored by non-EU law enforcement bodies.

D.

Personal data of EU residents being processed by a non-EU business that targets EU customers.

Discussion
Rosalie
I passed. I would like to tell all students that they should definitely give Cramkey Dumps a try.
Maja Aug 30, 2024
That sounds great. I'll definitely check them out. Thanks for the suggestion!
Syeda
I passed, Thank you Cramkey for your precious Dumps.
Stella Aug 25, 2024
That's great. I think I'll give Cramkey Dumps a try.
Pippa
I was so happy to see that almost all the questions on the exam were exactly what I found in their Dumps.
Anastasia Sep 21, 2024
You are right…It was amazing! The Cramkey Dumps were so comprehensive and well-organized, it made studying for the exam a breeze.
Annabel
I recently used them for my exam and I passed it with excellent score. I am impressed.
Amirah Oct 28, 2024
I passed too. The questions I saw in the actual exam were exactly the same as the ones in the Cramkey Dumps. I was able to answer the questions confidently because I had already seen and studied them.
Erik
Hey, I have passed my exam using Cramkey Dumps?
Freyja Oct 17, 2024
Really, what are they? All come in your pool? Please give me more details, I am going to have access their subscription. Please brother, give me more details.
Question 71

SCENARIO

Please use the following to answer the next question:

Joe is the new privacy manager for Who-R-U, a Canadian business that provides DNA analysis. The company is headquartered in Montreal, and all of its employees are located there. The company offers its services to Canadians only: Its website is in English and French, it accepts only Canadian currency, and it blocks internet traffic from outside of Canada (although this solution doesn’t prevent all non-Canadian traffic). It also declines to process orders that request the DNA report to be sent outside of Canada, and returns orders that show a non-Canadian return address.

Bob, the President of Who-R-U, thinks there is a lot of interest for the product in the EU, and the company is exploring a number of plans to expand its customer base.

The first plan, collegially called We-Track-U, will use an app to collect information about its current Canadian customer base. The expansion will allow its Canadian customers to use the app while traveling abroad. He

suggests that the company use this app to gather location information. If the plan shows promise, Bob proposes to use push notifications and text messages to encourage existing customers to pre-register for an EU version of the service. Bob calls this work plan, We-Text-U. Once the company has gathered enough pre- registrations, it will develop EU-specific content and services.

Another plan is called Customer for Life. The idea is to offer additional services through the company’s app, like storage and sharing of DNA information with other applications and medical providers. The company’s contract says that it can keep customer DNA indefinitely, and use it to offer new services and market them to customers. It also says that customers agree not to withdraw direct marketing consent. Paul, the marketing director, suggests that the company should fully exploit these provisions, and that it can work around customers’ attempts to withdraw consent because the contract invalidates them.

The final plan is to develop a brand presence in the EU. The company has already begun this process. It is in the process of purchasing the naming rights for a building in Germany, which would come with a few offices that Who-R-U executives can use while traveling internationally. The office doesn’t include any technology or infrastructure; rather, it’s simply a room with a desk and some chairs.

On a recent trip concerning the naming-rights deal, Bob’s laptop is stolen. The laptop held unencrypted DNA reports on 5,000 Who-R-U customers, all of whom are residents of Canada. The reports include customer name, birthdate, ethnicity, racial background, names of relatives, gender, and occasionally health information.

If Who-R-U adopts the We-Track-U pilot plan, why is it likely to be subject to the territorial scope of the GDPR?

Options:

A.

Its plan would be in the context of the establishment of a controller in the Union.

B.

It would be offering goods or services to data subjects in the Union.

C.

It is engaging in commercial activities conducted in the Union.

D.

It is monitoring the behavior of data subjects in the Union.

Discussion
Page: 17 / 19
Title
Questions
Posted

CIPP-E
PDF

$36.75  $104.99

CIPP-E Testing Engine

$43.75  $124.99

CIPP-E PDF + Testing Engine

$57.75  $164.99