Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Iapp Discussions
exam questions

Exam CIPP-E All Questions

View all questions & answers for the CIPP-E exam
Go to Exam

Exam CIPP-E topic 1 question 65 discussion

Actual exam question from IAPP's CIPP-E
Question #: 65
Topic #: 1
[All CIPP-E Questions]

A company is located in a country NOT considered by the European Union (EU) to have an adequate level of data protection. Which of the following is an obligation of the company if it imports personal data from another organization in the European Economic Area (EEA) under standard contractual clauses?

  • A. Submit the contract to its own government authority.
  • B. Ensure that notice is given to and consent is obtained from data subjects.
  • C. Supply any information requested by a data protection authority (DPA) within 30 days.
  • D. Ensure that local laws do not impede the company from meeting its contractual obligations.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Ssourav at July 29, 2024, 5:05 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Nani1982
2 months, 4 weeks ago
The rights answer is D, because under the General Data Protection Regulation (GDPR) and the guidelines provided by the European Data Protection Board (EDPB), when a company located outside the European Economic Area (EEA) imports personal data from an organization within the EEA using standard contractual clauses (SCCs), it must ensure that it can comply with the obligations set out in those clauses. This includes ensuring that local laws in the importing country do not prevent the company from fulfilling its contractual obligations under the SCCs
upvoted 1 times
...
Ssourav
3 months, 3 weeks ago
Selected Answer: D
D. Ensure that local laws do not impede the company from meeting its contractual obligations. GDPR Article Reference: Article 46(1): Transfers of personal data to a third country or an international organization may take place where the controller or processor has provided appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available. Standard Contractual Clauses (SCCs): These require the importing company to ensure that local laws do not prevent it from fulfilling its obligations under the SCCs, thereby ensuring that the transferred data is adequately protected.
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel