Data Protection & GDPR

Question 1

What is the maximum fine under GDPR?

Answer 1

The larger of:

4% of worldwide turnover
£17.5mil

Question 2

when a firm starts to process personal data, what must they do?

Answer 2

Inform the ICO

Question 3

What kind of data does GDPR apply to?

Answer 3

“Personal Data”

Question 4

What is personal data

Answer 4

Data that identifies an identifiable person

Question 5

What are the 6 legal bases that exist for processing personal data?

Answer 5

1) Contractual
2) Consent
3) Legal Obligation
4) Vital Interest
5) Public Task
6) Legitimate Interest

Question 6

There are 5 things that define the scope / treatment of client data, list them

Answer 6

1) Process Lawfully
2) Must be collected for specific purpose
3) Adequate, relevant & necessary
4) Kept for no longer than is necessary
5) Ensure security of data
6) Processed in a legal and transparent way

Question 7

Give an example of a reason data would be collected due to: Consent

Answer 7

Client agrees to a newsletter sign up

Question 8

Give an example of a reason data would be collected due to: Contract

Answer 8

Customer purchases online order to be delivered

Question 9

Give an example of a reason data would be collected due to: Vital Interest

Answer 9

Medical professionals sharing patient data

Question 10

Give an example of a reason data would be collected due to: Legitimate Interest

Answer 10

Protecting data security / preventing fraud

Question 11

Give an example of a reason data would be collected due to: Public Task

Answer 11

Local authority managing voter registrations

Question 12

Give an example of a reason data would be collected due to: Legal

Answer 12

Employee tax records for renumeration