Free IAPP CIPP-E Exam Questions

Start-up company MagicAl is developing an AI system that will be part of a medical device that detects skin cancer. To take measures against potential bias in its AI system, the IT team decides to collect data about users’ ethnic origin, nationality, and gender.Start-up company MagicAl is developing an AI system that will be part of a medical device that detects skin cancer. To take measures against potential bias in its AI system, the IT team decides to collect data about users’ ethnic origin, nationality, and gender.

Company X has entrusted the processing of their payroll data to Provider Y. Provider 'I stores this encrypted data on its server. The IT department of Provider 'I finds out that someone managed to hack into the system and take a copy of the data from its server. In this scenario, whom does Provider 'I have the obligation to notify?

What is the most frequently used mechanism for legitimizing cross-border data transfer?

A data controller appoints a data protection officer. Which of the following conditions would NOT result in an infringement of Articles 37 to 39 of the GDPR?

Under the GDPR, which of the following is true in regard to adequacy decisions involving cross-border transfers?