Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Iapp Discussions
exam questions

Exam CIPP-E All Questions

View all questions & answers for the CIPP-E exam
Go to Exam

Exam CIPP-E topic 1 question 124 discussion

Actual exam question from IAPP's CIPP-E
Question #: 124
Topic #: 1
[All CIPP-E Questions]

SCENARIO -
Please use the following to answer the next question:
Dynaroux Fashion (‘Dynaroux’) is a successful international online clothing retailer that employs approximately 650 people at its headquarters based in Dublin, Ireland. Ronan is their recently appointed data protection officer, who oversees the company’s compliance with the General Data Protection Regulation (GDPR) and other privacy legislation.
The company offers both male and female clothing lines across all age demographics, including children. In doing so, the company processes large amounts of information about such customers, including preferences and sensitive financial information such as credit card and bank account numbers.
In an aggressive bid to build revenue growth, Jonas, the CEO, tells Ronan that the company is launching a new mobile app and loyalty scheme that puts significant emphasis on profiling the company’s customers by analyzing their purchases. Ronan tells the CEO that: (a) the potential risks of such activities means that Dynaroux needs to carry out a data protection impact assessment to assess this new venture and its privacy implications; and (b) where the results of this assessment indicate a high risk in the absence of appropriate protection measures, Dynaroux may have to undertake a prior consultation with the Irish Data Protection Commissioner before implementing the app and loyalty scheme.
Jonas tells Ronan that he is not happy about the prospect of having to directly engage with a supervisory authority and having to disclose details of Dynaroux’s business plan and associated processing activities.
Which of the following facts about Dynaroux would trigger a data protection impact assessment under the GDPR?

  • A. The company will be undertaking processing activities involving sensitive data categories such as financial and children’s data.
  • B. The company employs approximately 650 people and will therefore be carrying out extensive processing activities.
  • C. The company plans to undertake profiling of its customers through analysis of their purchasing patterns.
  • D. The company intends to shift their business model to rely more heavily on online shopping.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Ssourav at Aug. 1, 2024, 5:27 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
8d60157
1 month, 2 weeks ago
Selected Answer: C
A is wrong as it incorrectly identifies financial data as sensitive data - it is not encompassed under the definition of sensitive data under the GDPR. Therefore, A is incorrect and the only right answer is C.
upvoted 1 times
...
Ssourav
3 months, 3 weeks ago
Selected Answer: A
Relevant Legislation: GDPR Article 35: Requires a DPIA when processing is likely to result in a high risk to the rights and freedoms of natural persons. This includes systematic and extensive evaluation of personal aspects based on automated processing, large-scale processing of sensitive data, or monitoring of publicly accessible areas. While both A and C could trigger a DPIA, the direct involvement of sensitive data categories such as financial and children's data is more immediately and clearly a high-risk factor under GDPR guidelines. Therefore, the correct answer is A.
upvoted 1 times
8d60157
1 month, 2 weeks ago
A is wrong as it incorrectly identifies financial data as sensitive data - it is not encompassed under the definition of sensitive data under the GDPR. Therefore, A is incorrect and the only right answer is C.
upvoted 1 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel