New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Download Latest DCPP-01 Questions

Page: 3 / 4
Question 12

A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries.

For the outsourced work of its customers’ data processing, in order to initiate data transfer to another organizations outside EU, which is the most appropriate among the following?

Options:

A.

The vendor (data importer) in the third country, and not the exporter is responsible to put in place suitable model contractual clauses, and hence the exporter does not need to take any action.

B.

Since the data is processed by the vendor outside the EU, the EU directive does not apply and hence there are no legal concerns

C.

The data exporter needs to initiate model contractual clauses after obtaining approvals from data protection commissioner and have the vendor be a signatory on the same as data importer

D.

The data importer need to notify about the transfer to data protection commissioner in the destination country and exporter need to similarly notify in the EU country of origin

Question 13

APPI, the Act for the Protection of Personal Information, applies to:

Options:

A.

Government entities using personal information

B.

Personal Information about an individual that is used by a business

C.

None of the above

Question 14

According to the privacy statement of an organization, which of the following words is true?

Options:

A.

The Information Technology (Amendment) Act, 2008 does not require the publication of privacy policies on websites in India

B.

The content of an organization's online privacy statement will be influenced by the applicable laws, and may need to address requirements across geographic boundaries and legal jurisdictions

C.

A privacy statement demonstrates to stakeholders how an organization gathers, uses, discloses, and manages personal information

D.

In order to follow privacy laws, it is mandatory that there is a phone contact information for the organization's owner in the online privacy statement so that customers can reach out in case of a concern or incident, which can be managed online

Question 15

What is not a compulsory pre-requisite before a company with headquarters in the EU transfers sensitive personal data to its Asian subsidiaries?

Options:

A.

Self-certifying to Safe Harbor practices and reporting to Federal Trade Commission

B.

Performing a risk assessment for the processing involved

C.

Data subjects are notified

D.

Assessing the country's adequacy

Page: 3 / 4
Online DCPP-01 Questions Video, Download Latest DCPP-01 Questions, Vce DCPP-01 Questions Latest,
Exam Code: DCPP-01
Exam Name: DSCI certified Privacy Professional (DCPP)
Last Update: Dec 22, 2024
Questions: 122
DCPP-01 pdf

DCPP-01 PDF

$25.5  $84.99
DCPP-01 Engine

DCPP-01 Testing Engine

$28.5  $94.99
DCPP-01 PDF + Engine

DCPP-01 PDF + Testing Engine

$40.5  $134.99