Free IAPP CIPP-E Exam Questions

Become IAPP Certified with updated CIPP-E exam questions and correct answers

Page: 1 / 64

Total 320 Questions | Updated On: Nov 24, 2025

Add To Cart

Question 1

Which of the following would most likely NOT be covered by the definition of "personal data" under the GDPR?

A : payment card number of a Dutch citizen

B : U.S. social security number of an American citizen living in France

C : unlinked aggregated data used for statistical purposes by an Italian company

D : identification number of a German candidate for a professional examination in Germany

Answer: D

Question 2

What is the primary purpose of Convention 108+, which amends the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data?

A : To issue updated guidelines for data transfers from the EU to third-country signatories to the Convention.

B : To modify the process for third countries to obtain an adequacy decision from the European Commission.

C : To strengthen data protection in line with the European and international regulatory framework.

D : To establish new data subject rights and safeguards for consumers in the EU member states.

Answer: C

Question 3

Through a combination of hardware failure and human error, the decryption key for a bank’s customer account transaction database has been lost. An investigation has determined that this was not the result of hacking or malfeasance, simply an unfortunate combination of circumstances. Which of the following accurately indicates the nature of this incident?

A : A data breach has not occurred because the loss was not the result of hacking.

B : A data breach has not occurred because no data was exposed to any unauthorized individual.

C : A data breach has occurred because the loss of the key has resulted in the data no longer being accessible.

D : A data breach has occurred because the loss of the key has resulted in the loss of confidentiality or integrity of the data.

Answer: D

Question 4

Start-up company MagicAl is developing an AI system that will be part of a medical device that detects skin cancer. To take measures against potential bias in its AI system, the IT team decides to collect data about users’ ethnic origin, nationality, and gender.Start-up company MagicAl is developing an AI system that will be part of a medical device that detects skin cancer. To take measures against potential bias in its AI system, the IT team decides to collect data about users’ ethnic origin, nationality, and gender.

A : Processing necessary for scientific or statistical purposes.

B : Processing necessary for reasons of substantial public interest.

C : Processing necessary for purposes of preventive or occupational medicine.

D : Processing necessary for the defense of legal claims in potential negligence cases.

Answer: C

Question 5

What is the key difference between the European Council and the Council of the European Union?

A : Council of the European Union is helmed by a president.

B : Council of the European Union has a degree of legislative power.

C : European Council focuses primarily on issues involving human rights.

D : European Council is comprised of the heads of each EU member state.

Answer: D

Page: 1 / 64

Total 320 Questions | Updated On: Nov 24, 2025

Add To Cart