Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Iapp Discussions
exam questions

Exam CIPP-E All Questions

View all questions & answers for the CIPP-E exam
Go to Exam

Exam CIPP-E topic 1 question 198 discussion

Actual exam question from IAPP's CIPP-E
Question #: 198
Topic #: 1
[All CIPP-E Questions]

If a French controller has a car-sharing app available only in Morocco, Algeria and Tunisia, but the data processing activities are carried out by the appointed processor in Spain, the GDPR will apply to the processing of the personal data so long as?

  • A. The individuals are European citizens or residents.
  • B. The data processing activities are in Spain.
  • C. The data controller is in France.
  • D. The EU individuals are targeted.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Fendou at May 1, 2023, 5:31 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Fendou
Highly Voted 1 year, 6 months ago
Wrong again....... Should be C. This is taken from textbook.
upvoted 7 times
...
aliblabla
Most Recent 3 months, 2 weeks ago
Selected Answer: C
Based on 3 (1) GDPR, the answers B and C are correct; if either the controller or the processor is based in the EU, the GDPR is applicable
upvoted 1 times
...
Ssourav
3 months, 2 weeks ago
Selected Answer: B
In the scenario where a French controller has a car-sharing app available only in Morocco, Algeria, and Tunisia, but the data processing activities are carried out by the appointed processor in Spain, the GDPR will apply based on the territorial scope outlined in Article 3 of the GDPR. Processing within the EU (Article 3(1)): As long as the data processing activities are conducted within the EU (Spain in this case), the GDPR applies to those activities, irrespective of where the data subjects (individuals using the app) are located.
upvoted 1 times
...
7f814c6
4 months ago
Selected Answer: C
C- As per Article 3(1), the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union triggers the application of the GDPR and the related obligations for the data controller or processor concerned. Also this is identical question as provided in the example 4 of Guidelines on the territorial scope.
upvoted 1 times
7f814c6
3 months, 2 weeks ago
Article 3(1) is based on the establishment of the controller or processor within the EU and the location of the processing activities alone does not determine the applicability of the GDPR. If a non-EU company without an EU establishment uses a third-party processor in the EU, the GDPR does not automatically apply to such controller.
upvoted 1 times
...
...
Claire0911
1 year, 1 month ago
The answer should be B as it is asking about the data processing activity.
upvoted 4 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel