New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Legit PDPF Exam Download

Page: 3 / 5
Question 12

When personal data are processed, who is ultimately responsible for demonstrating compliance with the GDPR?

Options:

A.

Data protection officer (DPO)

B.

Supervisory authority

C.

Processor

D.

Controller

Question 13

Personal data as defined in the GDPR can be divided into several types. One of these types is described: Data that directly or indirectly reveal someone’s racial or ethnic background, political, philosophical, religious views, union affiliation and data related to health or sex life and sexual orientation. What type of personal data is this?

Options:

A.

Direct personal data

B.

Indirect personal data

C.

Pseudonymized data

D.

Special category personal data

Question 14

To plan the amount of parking space needed, a local government monitors and saves the license plate number of every car that enters and leaves the city center. They have obtained permission to collect data on the number of cars present in the city center. By comparing the license plate time of entry and exit the number of cars present every moment of each day is calculated. Each month a report is created detailing the average number of cars in the city center at specific moments for every day of the week. At every entrance to the city center, a billboard clearly states what data is collected by whom, the purpose of the processing and the fact that the license plate numbers are saved securely for up to two years, because the measurements will be repeated next year. Which of the basic principles for legitimate processing of personal data is violated in this scenario?

Options:

A.

Personal data are processed in a manner that ensures appropriate security of the personal data.

B.

Personal data are processed in a transparent manner in relation to the data subject

C.

Personal data are kept in a form permitting identification of data subjects for no longer than is necessary.

D.

Personal data are collected for specified, explicit and legitimate purposes and not further processed.

Question 15

According to Article.33 of the GDPR the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority. What is the maximum penalty for non-compliance with this notification obligation?

Options:

A.

€ 10.000.000 or 2% of the annual global turnover, whichever is higher

B.

€ 20.000.000 or 4% of the annual global turnover, whichever is higher

C.

Up to € 500.000 with a minimum of € 120.000

D.

Up to € 820.000 with a minimum of € 350.000

Page: 3 / 5
Exam Code: PDPF
Exam Name: Privacy and Data Protection Foundation
Last Update: Dec 22, 2024
Questions: 149
PDPF pdf

PDPF PDF

$25.5  $84.99
PDPF Engine

PDPF Testing Engine

$28.5  $94.99
PDPF PDF + Engine

PDPF PDF + Testing Engine

$40.5  $134.99