Start Mock Test
Pass Mark 10/12
Your email
*
Type a question
What does "GDPR" stand for?
General Data Protection Regulation
Global Data Privacy Rule
Government Data Protection Requirement
Under the UK GDPR, what is a "data subject"?
The company that collects and processes personal information
The living individual whose personal data is being processed
The government agency that enforces data privacy laws
How long can an organisation keep personal data under UK GDPR guidelines?
Permanently, as long as it is securely stored
For exactly 5 years from the date it was collected
No longer than is necessary for the purposes it was collected for
Which independent body is responsible for enforcing the UK GDPR and upholding information rights in the UK?
The Information Commissioner's Office (ICO)
The UK Data Protection Ministry
The Federal Trade Commission (FTC)
If an individual requests to see the personal data an organization holds about them, this is known as what?
A Right to Be Forgotten request
A Subject Access Request (SAR)
A Data Portability demand
Which of the following is considered "special category" (sensitive) personal data under the UK GDPR?
An individual's ethnic origin or health data
An individual's home address and postcode
An individual's work email address
What must an organisation have before they can legally process anyone's personal data?
Written permission from the Information Commissioner's Office
A valid lawful basis, such as consent or legal obligation
A minimum of ten employees
Under the UK GDPR, if an individual withdraws their consent for a company to use their data, what should the company generally do?
Keep using it but stop sending promotional emails
Charge the individual a fee to delete the data
Stop processing that individual's data
If an organisation suffers a serious data breach that risks people's rights, within how many hours must they report it to the ICO?
24 hours
72 hours
30 days
What does the UK GDPR principle of "data minimisation" mean?
Companies must delete all data at the end of every working day
Data must be compressed into the smallest possible file sizes to save digital space
Companies should only collect the personal data they actually need for their specific purpose
Who is a "data processor" under the UK GDPR?
A third-party service or organisation that handles personal data on behalf of a data controller
The specific computer software used to encrypt files
The individual citizen whose data is being stored
Which UK GDPR right allows an individual to ask an organisation to correct inaccurate personal data held about them?
The Right to Erasure
The Right to Restriction
The Right to Rectification
GDPR Tag
Pass GDPR
To join our mailing list & agree to our privacy policy opt-in below: https://healthandsafetytraining1st.co.uk/privacy-policy/
*
I agree
Please verify that you are human
*
CalculationCorrection
Score
Submit
Should be Empty: