ExamTopics Logo
Mail Us[email protected]
Menu
Iapp Discussions
exam questions

Exam CIPP-E All Questions

View all questions & answers for the CIPP-E exam
Go to Exam

Exam CIPP-E topic 1 question 219 discussion

Actual exam question from IAPP's CIPP-E
Question #: 219
Topic #: 1
[All CIPP-E Questions]

Which of the following statements is inconsistent with the EDPB's position on qualifying a given processing as a “transfer” under Chapter V of the GDPR?

  • A. Transfers subject to the GDPR can only occur when two separate parties – each of them a controller, joint controller or processor – are involved.
  • B. Transfers subject to the GDPR may involve data disclosures between entities belonging to the same corporate group (intra-group data disclosures).
  • C. Transfers subject to the GDPR may involve remote access of personal data from a third country during a business trip of an employee of the controller for the given processing.
  • D. Transfers in which a controller or processor makes personal data available to another controller, joint controller, or processor needs to be subject to the GDPR for the given processing.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Claire0911 at Oct. 10, 2023, 4:16 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
72d0a83
3 weeks, 2 days ago
Selected Answer: A
A. Transfers subject to the GDPR can ONLY occur when two separate parties – each of them a controller, joint controller or processor – are involved.
upvoted 1 times
...
XL_165
3 weeks, 4 days ago
Selected Answer: C
C is inconsistent with the EDPB's position because remote access to data by an employee while traveling abroad does not qualify as a "transfer" under the GDPR. The EDPB has clarified that accessing personal data from outside the EU or EEA does not automatically constitute a transfer, unless there is an actual disclosure of personal data to a third country. In this case, merely accessing the data remotely by an employee of the controller during a business trip does not trigger the same conditions as a data transfer.
upvoted 1 times
...
Ssourav
4 months, 3 weeks ago
Selected Answer: A
A. Transfers subject to the GDPR can only occur when two separate parties – each of them a controller, joint controller or processor – are involved.
upvoted 1 times
...
7f814c6
5 months, 1 week ago
Selected Answer: A
A- This statement is incorrect because transfers under Chapter V of the GDPR do not necessarily require two separate parties. A transfer can involve data disclosures between entities within the same corporate group (intra-group data disclosures) and can also include situations where remote access to data from a third country is involved, such as during a business trip. The key factor is that the data is transferred to a third country, and the GDPR’s requirements for transfers apply in these contexts to ensure adequate protection of personal data.
upvoted 1 times
...
Claire0911
1 year, 2 months ago
I think the answer may be B.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago