1. Home
  2. IAPP
  3. CIPP-E

Certified Information Privacy Professional/Europe (CIPP/E)

Exam Details

  • Exam Code
    :CIPP-E
  • Exam Name
    :Certified Information Privacy Professional/Europe (CIPP/E)
  • Certification
    :IAPP Certifications
  • Vendor
    :IAPP
  • Total Questions
    :298 Q&As
  • Last Updated
    :May 08, 2025

IAPP IAPP Certifications CIPP-E Questions & Answers

  • Question 231:

    Which of the following Convention 108+ principles, as amended in 2018, is NOT consistent with a principle found in the GDPR?

    A. The obligation of companies to declare data breaches.

    B. The requirement to demonstrate compliance to a supervisory authority.

    C. The necessity of the bulk collection of personal data by the government.

    D. The necessity of establishing a specific legal basis for processing personal data.

  • Question 232:

    Which of the following was the first to implement national law for data protection in 1973?

    A. France

    B. Sweden

    C. Germany

    D. United Kingdom

  • Question 233:

    Under Article 58 of the GDPR, which of the following describes a power of supervisory authorities in European Union (EU) member states?

    A. The ability to enact new laws by executive order.

    B. The right to access data for investigative purposes.

    C. The discretion to carry out goals of elected officials within the member state.

    D. The authority to select penalties when a controller is found guilty in a court of law.

  • Question 234:

    According to the E-Commerce Directive 2000/31/EC, where is the place of "establishment" for a company providing services via an Internet website confirmed by the GDPR?

    A. Where the technology supporting the website is located

    B. Where the website is accessed

    C. Where the decisions about processing are made

    D. Where the customer's Internet service provider is located

  • Question 235:

    Article 29 Working Party has emphasized that the GDPR forbids "forum shopping", which occurs when companies do what?

    A. Choose the data protection officer that is most sympathetic to their business concerns.

    B. Designate their main establishment in member state with the most flexible practices.

    C. File appeals of infringement judgments with more than one EU institution simultaneously.

    D. Select third-party processors on the basis of cost rather than quality of privacy protection.

  • Question 236:

    When is data sharing agreement MOST likely to be needed?

    A. When anonymized data is being shared.

    B. When personal data is being shared between commercial organizations acting as joint data controllers.

    C. When personal data is being proactively shared by a controller to support a police investigation.

    D. When personal data is being shared with a public authority with powers to require the personal data to be disclosed.

  • Question 237:

    An entity's website stores text files on EU users' computer and mobile device browsers. Prior to doing so, the entity is required to provide users with notices containing information and consent under which of the following frameworks?

    A. General Data Protection Regulation 2016/679.

    B. E-Privacy Directive 2002/58/EC.

    C. E-Commerce Directive 2000/31/EC.

    D. Data Protection Directive 95/46/EC.

  • Question 238:

    What are the obligations of a processor that engages a sub-processor?

    A. The processor must give the controller prior written notice and perform a preliminary audit of the sub-processor.

    B. The processor must obtain the controller's specific written authorization and provide annual reports on the sub-processor's performance.

    C. The processor must receive a written agreement that the sub-processor will be fully liable to the controller for the performance of its obligations in relation to the personal data concerned.

    D. The processor must obtain the consent of the controller and ensure the sub-processor complies with data processing obligations that are equivalent to those that apply to the processor.

  • Question 239:

    What type of data lies beyond the scope of the General Data Protection Regulation?

    A. Pseudonymized

    B. Anonymized

    C. Encrypted

    D. Masked

  • Question 240:

    Which EU institution is vested with the competence to propose new data protection legislation on its own initiative?

    A. The European Council

    B. The European Parliament

    C. The European Commission

    D. The Council of the European Union

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IAPP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIPP-E exam preparations and IAPP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.