EXIN Privacy and Data Protection Foundation is a certification that validates your knowledge and understanding of the protection of personal data, the EU rules and regulations regarding data protection. To earn this certification, you need to pass PDPF exam easily. PDPF is designed for all staff who need to have an understanding of data protection and the European legal requirements as defined in the GDPR.
Number of questions: 40 (Multiple Choice)
Duration: 1 hour
Pass mark: 65%
Available languages: English, German, Spanish, French, Brazilian Portuguese, Dutch, Japanese, Chinese, Hebrew
PDPF exam specifications contain the following 3 sections.
PDPF Privacy and Data Protection Foundation exam training questions can help you test the above exam specifications. Share some PDPF exam training questions and answers below.
1.For processing of personal data to be legal, a number of requirements must be fulfilled.What is a requirement for lawful personal data processing?
A. A ‘code of conduct’, describing what the processing exactly entails, must be in place.
B. The data subject must have given consent, prior to the processing to begin.
C. The processing must be reported to and allowed by the Data Processing Authority
D. There must be a legitimate ground for the processing of personal data.
Answer: D
2.Under what EU legislation is data transfer between the EEA and the U.S.A. allowed?
A. An adequacy decision based on the Privacy Shield program
B. An adequacy decision by reason of US domestic legislation
C. The Transatlantic Trade an Investment Partnership (TTIP)
D. The U.S.A.’s commitment to join the European Economic Area
Answer: A
3.According to the GDPR, for which situations should a Data Protection Impact Assessment (DPIA) be conducted?
A. For all projects that include technologies or processes that require data protection
B. For all sets of similar processing operations with comparable risks
C. For any situation where technologies and processes will be subject to a risk assessment
D. For technologies and processes that are likely to result in a high risk to the rights of data subjects
Answer: A
4.While paying with a credit card, the card is skimmed (i.e. the data on the magnetic strip is stolen). The magnetic strip contains the account number, expiration date, cardholder’s name and address, PIN number and more.What kind of a data breach is this?
A. Material
B. Non-material
C. Verbal
Answer: B
5.Someone regularly receives offers from a store where he purchased something five years ago. He wants the company to stop sending offers and to wipe his personal data.Which aspect of the rights of a data subject in the General Data Protection Regulation (GDPR) requires the company to comply?
A. The right to erasure
B. The right to rectification
C. The right to restriction of processing
D. The right to withdraw consent
Answer: D