RGPD

Question 1

What does GDPR stand for?

Answer 1

General Data Protection Regulation

Question 2

True or False: GDPR applies only to organizations within the EU.

Answer 2

False

Question 3

What is the primary purpose of the GDPR?

Answer 3

To protect the privacy and personal data of individuals.

Question 4

Fill in the blank: GDPR came into effect on _________.

Answer 4

May 25, 2018

Question 5

What is considered personal data under GDPR?

Answer 5

Any information relating to an identified or identifiable natural person.

Question 6

Which article of GDPR outlines the principles of data processing?

Answer 6

Article 5

Question 7

True or False: Data subjects have the right to access their personal data.

Answer 7

True

Question 8

What is the maximum fine for non-compliance with GDPR?

Answer 8

Up to 20 million euros or 4% of global annual turnover, whichever is higher.

Question 9

What does the term ‘data processor’ refer to in GDPR?

Answer 9

A person or entity that processes data on behalf of the data controller.

Question 10

What is required for lawful processing of personal data under GDPR?

Answer 10

One of the six legal bases outlined in Article 6.

Question 11

Which article grants individuals the right to erasure?

Answer 11

Article 17

Question 12

True or False: GDPR requires data breaches to be reported within 72 hours.

Answer 12

True

Question 13

What does DPIA stand for?

Answer 13

Data Protection Impact Assessment

Question 14

Fill in the blank: The GDPR applies to ________ processing of personal data.

Answer 14

automated and manual

Question 15

What is a data protection officer (DPO)?

Answer 15

An individual appointed to oversee data protection strategies and ensure compliance.

Question 16

True or False: Consent must be explicit and revocable under GDPR.

Answer 16

True

Question 17

What does Article 32 of GDPR address?

Answer 17

Security of processing

Question 18

What rights do data subjects have under GDPR?

Answer 18

Right to access, right to rectification, right to erasure, right to restrict processing, right to data portability, right to object.

Question 19

What is the role of the European Data Protection Board (EDPB)?

Answer 19

To ensure consistent application of GDPR across EU member states.

Question 20

Which law complements GDPR in France?

Answer 20

Loi Informatique et Libertés

Question 21

True or False: Personal data can be processed without consent if it is necessary for the performance of a contract.

Answer 21

True

Question 22

What is the main goal of data minimization as per GDPR?

Answer 22

To ensure only necessary data is processed.

Question 23

What is the ‘right to data portability’?

Answer 23

The right for individuals to obtain and reuse their personal data across different services.

Question 24

Fill in the blank: Under GDPR, data processing must be ________ and _________.

Answer 24

lawful; transparent

Question 25

What does Article 6 of GDPR specify?

Answer 25

The lawful bases for processing personal data.

Question 26

True or False: GDPR allows for the processing of sensitive personal data under certain conditions.

Answer 26

True

Question 27

What is a 'data breach'?

Answer 27

A security incident that affects the confidentiality, integrity, or availability of personal data.

Question 28

What must organizations do if they experience a data breach?

Answer 28

Notify the relevant supervisory authority and affected individuals if necessary.

Question 29

Fill in the blank: The ________ is responsible for enforcing GDPR in each EU member state.

Answer 29

supervisory authority

Question 30

What does the term 'data subject' refer to?

Answer 30

An individual whose personal data is being processed.

Question 31

True or False: GDPR applies to personal data processed for purely personal or household activities.

Answer 31

False

Question 32

What are the consequences of violating GDPR?

Answer 32

Fines, sanctions, and reputational damage.

Question 33

What is the purpose of a privacy notice?

Answer 33

To inform data subjects about how their personal data will be processed.

Question 34

Fill in the blank: GDPR emphasizes the importance of ________ by design and by default.

Answer 34

privacy

Question 35

What does 'legitimate interest' mean in GDPR?

Answer 35

A legal basis for processing personal data if it does not override the rights of the data subject.

Question 36

What is the role of consent in data processing under GDPR?

Answer 36

Consent must be freely given, specific, informed, and unambiguous.

Question 37

True or False: Organizations can pre-tick consent boxes to obtain consent under GDPR.

Answer 37

False

Question 38

What is the significance of Article 3 of GDPR?

Answer 38

It defines the territorial scope of GDPR.

Question 39

What is a 'data processing agreement'?

Answer 39

A contract between a data controller and a data processor outlining data protection responsibilities.

Question 40

Fill in the blank: The ________ must be able to demonstrate compliance with GDPR.

Answer 40

data controller

Question 41

What is the 'right to object'?

Answer 41

The right of individuals to object to the processing of their personal data in certain circumstances.

Question 42

True or False: GDPR allows for the transfer of personal data outside the EU under certain conditions.

Answer 42

True

Question 43

What is the purpose of the 'one-stop-shop' mechanism in GDPR?

Answer 43

To provide a single point of contact for businesses operating in multiple EU countries.

Question 44

Fill in the blank: GDPR requires organizations to conduct a ________ when processing high-risk data.

Answer 44

Data Protection Impact Assessment (DPIA)

Question 45

What does Article 25 of GDPR address?

Answer 45

Data protection by design and by default.

Question 46

What are 'special categories of personal data'?

Answer 46

Data that reveals racial or ethnic origin, political opinions, religious beliefs, health data, etc.

Question 47

True or False: Data controllers are not responsible for the actions of their data processors.

Answer 47

False

Question 48

What is the 'Accountability Principle' in GDPR?

Answer 48

Data controllers must be responsible for and able to demonstrate compliance with the GDPR.

Question 49

Fill in the blank: Individuals can appeal decisions made by data protection authorities to the ________.

Answer 49

European Court of Justice

Question 50

What is the significance of the 'Privacy Shield' framework?

Answer 50

It was a mechanism for transferring personal data from the EU to the US, which has since been invalidated.

Question 51

What does Article 12 of GDPR provide for?

Answer 51

Transparent information, communication, and modalities for the exercise of rights.

Question 52

True or False: Organizations must appoint a Data Protection Officer (DPO) only if they process sensitive data.

Answer 52

False

Question 53

What is the purpose of the 'Right to Rectification'?

Answer 53

To allow individuals to correct inaccurate or incomplete personal data.

Question 54

Fill in the blank: The GDPR encourages organizations to implement ________ measures to protect personal data.

Answer 54

technical and organizational

Question 55

What is the 'Right to Restrict Processing'?

Answer 55

The right of individuals to limit how their personal data is processed.

Question 56

True or False: Consent for data processing can be implied under GDPR.

Answer 56

False