Exin PDPF Quiz 4 Topic 7 Questions 16-20

Question: 1

When does the GDPR require data subject consent to a cookie?

AAlways, because a cookie is regarded as an online identifier

BNever, as the EU Cookie Law does not require explicit consent

COnly if the cookie contains authentication information of the data subject

DOnly if the cookie contains shopping basket items

Show Answer

Question: 2

A personal data breach has occurred and the controller is writing a draft notification for the Supervisory Authority. The document describes the nature of the breach and its possible consequeces.it also contains information on the parties that can provide additional information on the data breach to the Supervisory Authority.

What other information should the controller add?

AThe information of local and national authorities that have been informed about the data breach.

BName and contact details of the subjects whose data may be breached.

CSuggested measures to mitigate the adverse consequences of the data breach.

DThe information needed to access the personal data that has been breached.

Show Answer

Question: 3

The General Data Protection Regulation (GDRP) formalization the data subject's right to data portability.

What is the object of data portability?

AThe controller has the light to move the data subject's personal data from one organization to another

BThe data subject has the right to move personal data concerning him or her.

CThe data subject has the right to move his/her data when moving to another county

DThe Supervisory Authority authorizes the movement of personal data.

Show Answer

Question: 4

Personal data as defined in the General Data protection Regulation (GDPR) can be divided in several types.

''Data that directly or indirectly reveal someone's racial or ethnic background, political/philosophical/religious, views, union affiliation and data related to health or sexual habits."

What type of personal data is described?

ADirect personal data

BIndirect personal data

CPseudonymized data

DSensitive personal data

Show Answer

Question: 5

The General Data protection Regulation (GDRP) is based on the principle of proportionality and subsidiarity.

What is the meaning of proportionality in this context?

APersonal data can only be processed in accordance with the purpose specification.

BPersonal data cannot be re-used without explicit and informed consent.

CPersonal data only is processed in case there are no other means to achieve the purposes.

DPersonal data must be adequate, relevant and not excessive in relation to the purposes.

Show Answer

Exin PDPF Quiz:4 Topic:7 Questions:16-20