ExamTopics Logo
Mail Us[email protected]
Menu
Iapp Discussions
exam questions

Exam CIPP-E All Questions

View all questions & answers for the CIPP-E exam
Go to Exam

Exam CIPP-E topic 1 question 198 discussion

Actual exam question from IAPP's CIPP-E
Question #: 198
Topic #: 1
[All CIPP-E Questions]

If a French controller has a car-sharing app available only in Morocco, Algeria and Tunisia, but the data processing activities are carried out by the appointed processor in Spain, the GDPR will apply to the processing of the personal data so long as?

  • A. The individuals are European citizens or residents.
  • B. The data processing activities are in Spain.
  • C. The data controller is in France.
  • D. The EU individuals are targeted.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Fendou at May 1, 2023, 5:31 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Fendou
Highly Voted 1 year, 10 months ago
Wrong again....... Should be C. This is taken from textbook.
upvoted 8 times
...
JacHa
Most Recent 1 month, 2 weeks ago
Selected Answer: B
Nasty question because even if the controller decided to move out of the EU then the GDPR would, with the processor in Spain, still apply according to article 3.
upvoted 1 times
...
72d0a83
3 months, 1 week ago
Selected Answer: C
Based on 3 (1) GDPR, the answers B and C are correct; if either the controller or the processor is based in the EU, the GDPR is applicable
upvoted 1 times
...
aliblabla
7 months ago
Selected Answer: C
Based on 3 (1) GDPR, the answers B and C are correct; if either the controller or the processor is based in the EU, the GDPR is applicable
upvoted 2 times
...
Ssourav
7 months, 1 week ago
Selected Answer: B
In the scenario where a French controller has a car-sharing app available only in Morocco, Algeria, and Tunisia, but the data processing activities are carried out by the appointed processor in Spain, the GDPR will apply based on the territorial scope outlined in Article 3 of the GDPR. Processing within the EU (Article 3(1)): As long as the data processing activities are conducted within the EU (Spain in this case), the GDPR applies to those activities, irrespective of where the data subjects (individuals using the app) are located.
upvoted 1 times
...
7f814c6
7 months, 3 weeks ago
Selected Answer: C
C- As per Article 3(1), the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union triggers the application of the GDPR and the related obligations for the data controller or processor concerned. Also this is identical question as provided in the example 4 of Guidelines on the territorial scope.
upvoted 1 times
7f814c6
7 months, 1 week ago
Article 3(1) is based on the establishment of the controller or processor within the EU and the location of the processing activities alone does not determine the applicability of the GDPR. If a non-EU company without an EU establishment uses a third-party processor in the EU, the GDPR does not automatically apply to such controller.
upvoted 1 times
...
...
Claire0911
1 year, 5 months ago
The answer should be B as it is asking about the data processing activity.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago