Settings
Language
Color Theme
GDPR Fundamentals
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that aims to safeguard the personal data of individuals within the European Union (EU) by establishing principles such as consent, transparency, and accountability.
GDPR Principles
The GDPR principles of consent, transparency, and accountability ensure that individuals have control over how their personal data is captured, stored and used. In the following pages we'll deep-dive into this.
GDPR Consent Principle
To meet consent requirements, organizations must ensure that consent is freely given, specific, informed, and unambiguous. Additionally, individuals must give consent through an active action and must also be given the ability to withdraw consent.
Is the following statement True or False:
For GDPR, organizations need to get permission from individuals before collecting their data.
Consent is a crucial aspect of GDPR compliance. Organizations need to get clear permission from individuals before collecting or using their data. Individuals have the right to say no and can withdraw their consent at any time. A good example of this is when you log onto a website and accept the cookie policy.
View Options Again
True
False
GDPR Transparency Principle
To meet transparency requirements, organizations must provide individuals with comprehensive information about the collection, use and sharing of their data. This includes the identity of any third-parties the data is shared with.
Which of the following is a GDPR transparency requirement?
To meet GDPR transparency requirements, organizations must provide individuals with comprehensive information about the collection, use, and sharing of their data.
View Options Again
All options are correct.
Providing individuals with information on how their data will be collected.
Providing individuals with information on how their data will be shared.
Providing individuals with information on how their data will be used.
GDPR Accountability Principle
To meet GDPR accountability requirements, organizations must ensure that they take ownership over all aspects of data collection, data security, and data sharing.
Data Collection
Data Security
Data Sharing
Organizations must limit the collection of personal data to what's necessary for business purposes. These purposes must be clearly defined and document the lawful basis for processing the data. Finally, organizations must regularly review and update data collection practices to ensure that only relevant and necessary data is collected and retained.
Organizations must implement both technical and non-technical measures to ensure the security of personal data. This includes protection against unauthorized access, accidental loss, destruction, or damage throughout the data processing lifecycle.
In the context of GDPR, a sub-processor refers to any third-party entity that processes personal data on behalf of the data controller. These organizations must only be engaged if they provide sufficient guarantees that data protection measures are in place. This includes a written contract outlining their responsibilities to adhere to the GDPR.
Is the following statement True or False:
Once consent is given for data collection, it's ok to share that information with ANY third-party.
Organizations must only share data with sub-processors if sufficient guarantees can be provided that data protection measures are in place and meet the rigor of GDPR requirements. This needs to be written in a contract, and individuals must be notified of this data-processing relationship.
View Options Again
True
False
The rights of individuals protected by GDPR
Under GDPR, individuals are granted certain rights that empower them to exercise control over their personal data. Let's explore some of these rights.
Information Transparency
Control over Personal Data
Protection against Automated Decisions
Individuals have the right to be informed about why their personal data is being collected and processed. Further to this, it needs to be communicated in a clear and understandable manner.
Individuals can exercise their rights to access, rectify, restrict processing, and request the erasure or portability of their personal data, allowing them to have greater control and accuracy over their information.
Individuals have the right to object to automated decision-making, including profiling, and have the right to ensure that such decisions do not significantly impact them without human intervention.
Which of the following is NOT a GDPR right provided to individuals?
Individuals can exercise their rights to access, rectify, restrict processing, and request the erasure or portability of their personal data. However, under the GDPR, individuals don't need to be financially compensated for any revenue derived from sharing of their personal data.
View Options Again
Individuals have the right to stop their data being used to build automated profiles on them.
Individuals have the right to rectify any incorrect or out-of-date data.
Individuals have the right to request their data be erased.
Individuals must be financially compensated for any revenue derived from sharing of their personal data.
Wrapping up
GDPR grants individuals rights to control and protect their personal data, providing transparency, control, and safeguards in an increasingly data-driven world. These rights empower individuals to make informed decisions about their privacy.
Back
Next
Translation Correction
×
Select a translation to correct...
Begin the Guided Tour
[0, "Begin the Guided Tour", "Begin the Guided Tour"],
Look out for urgency in email subjects, fraudulent sender addresses or requests to perform an action.
[1, "Look out for urgency in email subjects, fraudulent sender addresses or requests to perform an action.", "Look out for urgency in email subjects, fraudulent sender addresses or requests to perform an action."],
Compose
[2, "Compose", "Compose"],
Folders
[3, "Folders", "Folders"],
Inbox
[4, "Inbox", "Inbox"],
Starred
[5, "Starred", "Starred"],
Draft
[6, "Draft", "Draft"],
Sent Mail
[7, "Sent Mail", "Sent Mail"],
Spam
[8, "Spam", "Spam"],
Trash
[9, "Trash", "Trash"],
[URGENT] Claim Your Work From Home Set-Up Payment
[10, "[URGENT] Claim Your Work From Home Set-Up Payment", "[URGENT] Claim Your Work From Home Set-Up Payment"],
Human Resources
[11, "Human Resources", "Human Resources"],
to
[12, "to", "to"],
Claim Your Work From Home Set-Up Payment
[13, "Claim Your Work From Home Set-Up Payment", "Claim Your Work From Home Set-Up Payment"],
Our company acknowledges that we are all working from home for a longer period and is offering a one-time payment to all employees of
[14, "Our company acknowledges that we are all working from home for a longer period and is offering a one-time payment to all employees of", "Our company acknowledges that we are all working from home for a longer period and is offering a one-time payment to all employees of"],
to ensure that you have a suitable home working set-up.
[15, "to ensure that you have a suitable home working set-up.", "to ensure that you have a suitable home working set-up."],
To receive the payment via payroll
[16, "To receive the payment via payroll", "To receive the payment via payroll"],
you will need to complete this
[17, "you will need to complete this", "you will need to complete this"],
acknowledgement form
[18, "acknowledgement form", "acknowledgement form"],
For more information on how to set up your home office space safely, please look at the
[19, "For more information on how to set up your home office space safely, please look at the", "For more information on how to set up your home office space safely, please look at the"],
Thank you
[20, "Thank you", "Thank you"],
The Human Resources Team
[21, "The Human Resources Team", "The Human Resources Team"],
This is an automatically generated email, please do not reply
[22, "This is an automatically generated email, please do not reply", "This is an automatically generated email, please do not reply"],
Is the following statement True or False
[23, "Is the following statement True or False", "Is the following statement True or False"],
View Options Again
[24, "View Options Again", "View Options Again"],
Email Subject: Urgent Action
[25, "Email Subject: Urgent Action", "Email Subject: Urgent Action"],
Phishing attacks are designed to put a
[26, "Phishing attacks are designed to put a", "Phishing attacks are designed to put a"],
time pressure on us to act fast
[27, "time pressure on us to act fast", "time pressure on us to act fast"],
This can cause us to skip much of the critical thinking we normally apply when browsing our emails
[28, "This can cause us to skip much of the critical thinking we normally apply when browsing our emails", "This can cause us to skip much of the critical thinking we normally apply when browsing our emails"],
Email Sender: Fradulent Address
[29, "Email Sender: Fradulent Address", "Email Sender: Fradulent Address"],
Email Sender: Fraudulent Address
[30, "Email Sender: Fraudulent Address", "Email Sender: Fraudulent Address"],
Attackers will often use
[31, "Attackers will often use", "Attackers will often use"],
obscure email addresses and use display names
[32, "obscure email addresses and use display names", "obscure email addresses and use display names"],
that appear legitimate to the naked eye. Be cautious and carefully inspect email sender information
[33, "that appear legitimate to the naked eye. Be cautious and carefully inspect email sender information", "that appear legitimate to the naked eye. Be cautious and carefully inspect email sender information"],
Email Content: Engaging Topic
[34, "Email Content: Engaging Topic", "Email Content: Engaging Topic"],
Attackers often use a
[35, "Attackers often use a", "Attackers often use a"],
broad but important topic
[36, "broad but important topic", "broad but important topic"],
to increase the likelihood of a victim interacting with the phishing material. These topics may include geographic, political or financial themes.
[37, "to increase the likelihood of a victim interacting with the phishing material. These topics may include geographic, political or financial themes.", "to increase the likelihood of a victim interacting with the phishing material. These topics may include geographic, political or financial themes."],
Email Link: Phishing Website
[38, "Email Link: Phishing Website", "Email Link: Phishing Website"],
hovering over the link
[39, "hovering over the link", "hovering over the link"],
you'll see the true link location. Often this is enough to see the malicious intent.
[40, "you'll see the true link location. Often this is enough to see the malicious intent.", "you'll see the true link location. Often this is enough to see the malicious intent."],
Wrapping up
[41, "Wrapping up", "Wrapping up"],
If you
[42, "If you", "If you"],
spot anything suspicious
[43, "spot anything suspicious", "spot anything suspicious"],
with the email sender, subject, content, links or attachments
[44, "with the email sender, subject, content, links or attachments", "with the email sender, subject, content, links or attachments"],
Don't take the risk. Report the email to your IT or Security team for review.
[45, "Don't take the risk. Report the email to your IT or Security team for review.", "Don't take the risk. Report the email to your IT or Security team for review."],
Submit
[46, "Submit", "Submit"],
Next
[47, "Next", "Next"],
Back
[48, "Back", "Back"],
Malicious links will often appear with innocent looking text. By
[49, "Malicious links will often appear with innocent looking text. By", "Malicious links will often appear with innocent looking text. By"],
Correct!
[50, "Correct!", "Correct!"],
Incorrect
[51, "Incorrect", "Incorrect"],
True
[52, "True", "True"],
False
[53, "False", "False"],
Change language
[54, "Change language", "Change language"],
Current Language
[55, "Current Language", "Current Language"],
Use Browser Settings
[56, "Use Browser Settings", "Use Browser Settings"],
Select a language
[57, "Select a language", "Select a language"],
Change Language
[58, "Change Language", "Change Language"],
Please select a language
[59, "Please select a language", "Please select a language"],
Language
[60, "Language", "Language"],
Color Theme
[61, "Color Theme", "Color Theme"],
Color Theme And Background Selector
[62, "Color Theme And Background Selector", "Color Theme And Background Selector"],
Colorful Theme
[63, "Colorful Theme", "Colorful Theme"],
Select Theme
[64, "Select Theme", "Select Theme"],
Close
[65, "Close", "Close"],
Dark Theme
[66, "Dark Theme", "Dark Theme"],
Green Theme
[67, "Green Theme", "Green Theme"],
Purple Theme
[68, "Purple Theme", "Purple Theme"],
Light Theme
[69, "Light Theme", "Light Theme"],
Blue Theme
[70, "Blue Theme", "Blue Theme"],
Settings
[71, "Settings", "Settings"],
Theme Selected
[72, "Theme Selected", "Theme Selected"],
This training has been translated from English. If there is an inaccuracy, please report the correct translation by clicking here!
[73, "This training has been translated from English. If there is an inaccuracy, please report the correct translation by clicking here!", "This training has been translated from English. If there is an inaccuracy, please report the correct translation by clicking here!"],
Translation Correction
[74, "Translation Correction", "Translation Correction"],
Select a translation to correct...
[75, "Select a translation to correct...", "Select a translation to correct..."],
Original Text
[76, "Original Text", "Original Text"],
Correct Translation
[77, "Correct Translation", "Correct Translation"],
Translation to correct...
[78, "Translation to correct...", "Translation to correct..."],
Submissions are reviewed and applied within 48 hours.
[79, "Submissions are reviewed and applied within 48 hours.", "Submissions are reviewed and applied within 48 hours."],
Submit Correction
[80, "Submit Correction", "Submit Correction"],
Submission Successfully Sent
[81, "Submission Successfully Sent", "Submission Successfully Sent"],
Submission Error - Please Try Again
[82, "Submission Error - Please Try Again", "Submission Error - Please Try Again"],
Submission Sending...
[83, "Submission Sending...", "Submission Sending..."],
Mandatory Viewing
[84, "Mandatory Viewing", "Mandatory Viewing"],
Please watch the video from beginning to end before proceeding.
[85, "Please watch the video from beginning to end before proceeding.", "Please watch the video from beginning to end before proceeding."],
Ok
[86, "Ok", "Ok"],
Note: The Colorful, Blue, Light, and Dark Themes are all WCAG 2.2 Level AA conformant.
[87, "Note: The Colorful, Blue, Light, and Dark Themes are all WCAG 2.2 Level AA conformant.", "Note: The Colorful, Blue, Light, and Dark Themes are all WCAG 2.2 Level AA conformant."],
GDPR-Fundamentals
[88, "GDPR-Fundamentals", "GDPR-Fundamentals"],
GDPR Fundamentals
[89, "GDPR Fundamentals", "GDPR Fundamentals"],
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that aims to safeguard the personal data of individuals within the European Union (EU) by establishing principles such as consent, transparency, and accountability.
[90, "The General Data Protection Regulation (GDPR) is a comprehensive data protection law that aims to safeguard the personal data of individuals within the European Union (EU) by establishing principles such as consent, transparency, and accountability.", "The General Data Protection Regulation (GDPR) is a comprehensive data protection law that aims to safeguard the personal data of individuals within the European Union (EU) by establishing principles such as consent, transparency, and accountability."],
GDPR Principles
[91, "GDPR Principles", "GDPR Principles"],
The GDPR principles of consent, transparency, and accountability ensure that individuals have control over how their personal data is captured, stored and used. In the following pages we'll deep-dive into this.
[92, "The GDPR principles of consent, transparency, and accountability ensure that individuals have control over how their personal data is captured, stored and used. In the following pages we'll deep-dive into this.", "The GDPR principles of consent, transparency, and accountability ensure that individuals have control over how their personal data is captured, stored and used. In the following pages we'll deep-dive into this."],
GDPR Consent Principle
[93, "GDPR Consent Principle", "GDPR Consent Principle"],
To meet consent requirements, organizations must ensure that consent is freely given, specific, informed, and unambiguous. Additionally, individuals must give consent through an active action and must also be given the ability to withdraw consent.
[94, "To meet consent requirements, organizations must ensure that consent is freely given, specific, informed, and unambiguous. Additionally, individuals must give consent through an active action and must also be given the ability to withdraw consent.", "To meet consent requirements, organizations must ensure that consent is freely given, specific, informed, and unambiguous. Additionally, individuals must give consent through an active action and must also be given the ability to withdraw consent."],
For GDPR, organizations need to get permission from individuals before collecting their data.
[95, "For GDPR, organizations need to get permission from individuals before collecting their data.", "For GDPR, organizations need to get permission from individuals before collecting their data."],
Consent is a crucial aspect of GDPR compliance. Organizations need to get clear permission from individuals before collecting or using their data. Individuals have the right to say no and can withdraw their consent at any time. A good example of this is when you log onto a website and accept the cookie policy.
[96, "Consent is a crucial aspect of GDPR compliance. Organizations need to get clear permission from individuals before collecting or using their data. Individuals have the right to say no and can withdraw their consent at any time. A good example of this is when you log onto a website and accept the cookie policy.", "Consent is a crucial aspect of GDPR compliance. Organizations need to get clear permission from individuals before collecting or using their data. Individuals have the right to say no and can withdraw their consent at any time. A good example of this is when you log onto a website and accept the cookie policy."],
GDPR Transparency Principle
[97, "GDPR Transparency Principle", "GDPR Transparency Principle"],
To meet transparency requirements, organizations must provide individuals with comprehensive information about the collection, use and sharing of their data. This includes the identity of any third-parties the data is shared with.
[98, "To meet transparency requirements, organizations must provide individuals with comprehensive information about the collection, use and sharing of their data. This includes the identity of any third-parties the data is shared with.", "To meet transparency requirements, organizations must provide individuals with comprehensive information about the collection, use and sharing of their data. This includes the identity of any third-parties the data is shared with."],
Which of the following is a GDPR transparency requirement?
[99, "Which of the following is a GDPR transparency requirement?", "Which of the following is a GDPR transparency requirement?"],
Providing individuals with information on how their data will be collected.
[100, "Providing individuals with information on how their data will be collected.", "Providing individuals with information on how their data will be collected."],
Providing individuals with information on how their data will be shared.
[101, "Providing individuals with information on how their data will be shared.", "Providing individuals with information on how their data will be shared."],
Providing individuals with information on how their data will be used.
[102, "Providing individuals with information on how their data will be used.", "Providing individuals with information on how their data will be used."],
All options are correct.
[103, "All options are correct.", "All options are correct."],
To meet GDPR transparency requirements, organizations must provide individuals with comprehensive information about the collection, use, and sharing of their data.
[104, "To meet GDPR transparency requirements, organizations must provide individuals with comprehensive information about the collection, use, and sharing of their data.", "To meet GDPR transparency requirements, organizations must provide individuals with comprehensive information about the collection, use, and sharing of their data."],
GDPR Accountability Principle
[105, "GDPR Accountability Principle", "GDPR Accountability Principle"],
To meet GDPR accountability requirements, organizations must ensure that they take ownership over all aspects of data collection, data security, and data sharing.
[106, "To meet GDPR accountability requirements, organizations must ensure that they take ownership over all aspects of data collection, data security, and data sharing.", "To meet GDPR accountability requirements, organizations must ensure that they take ownership over all aspects of data collection, data security, and data sharing."],
Data Collection
[107, "Data Collection", "Data Collection"],
Organizations must limit the collection of personal data to what's necessary for business purposes. These purposes must be clearly defined and document the lawful basis for processing the data. Finally, organizations must regularly review and update data collection practices to ensure that only relevant and necessary data is collected and retained.
[108, "Organizations must limit the collection of personal data to what's necessary for business purposes. These purposes must be clearly defined and document the lawful basis for processing the data. Finally, organizations must regularly review and update data collection practices to ensure that only relevant and necessary data is collected and retained.", "Organizations must limit the collection of personal data to what's necessary for business purposes. These purposes must be clearly defined and document the lawful basis for processing the data. Finally, organizations must regularly review and update data collection practices to ensure that only relevant and necessary data is collected and retained."],
Data Security
[109, "Data Security", "Data Security"],
Organizations must implement both technical and non-technical measures to ensure the security of personal data. This includes protection against unauthorized access, accidental loss, destruction, or damage throughout the data processing lifecycle.
[110, "Organizations must implement both technical and non-technical measures to ensure the security of personal data. This includes protection against unauthorized access, accidental loss, destruction, or damage throughout the data processing lifecycle.", "Organizations must implement both technical and non-technical measures to ensure the security of personal data. This includes protection against unauthorized access, accidental loss, destruction, or damage throughout the data processing lifecycle."],
Data Sharing
[111, "Data Sharing", "Data Sharing"],
In the context of GDPR, a sub-processor refers to any third-party entity that processes personal data on behalf of the data controller. These organizations must only be engaged if they provide sufficient guarantees that data protection measures are in place. This includes a written contract outlining their responsibilities to adhere to the GDPR.
[112, "In the context of GDPR, a sub-processor refers to any third-party entity that processes personal data on behalf of the data controller. These organizations must only be engaged if they provide sufficient guarantees that data protection measures are in place. This includes a written contract outlining their responsibilities to adhere to the GDPR.", "In the context of GDPR, a sub-processor refers to any third-party entity that processes personal data on behalf of the data controller. These organizations must only be engaged if they provide sufficient guarantees that data protection measures are in place. This includes a written contract outlining their responsibilities to adhere to the GDPR."],
Once consent is given for data collection, it's ok to share that information with ANY third-party.
[113, "Once consent is given for data collection, it's ok to share that information with ANY third-party.", "Once consent is given for data collection, it's ok to share that information with ANY third-party."],
Organizations must only share data with sub-processors if sufficient guarantees can be provided that data protection measures are in place and meet the rigor of GDPR requirements. This needs to be written in a contract, and individuals must be notified of this data-processing relationship.
[114, "Organizations must only share data with sub-processors if sufficient guarantees can be provided that data protection measures are in place and meet the rigor of GDPR requirements. This needs to be written in a contract, and individuals must be notified of this data-processing relationship.", "Organizations must only share data with sub-processors if sufficient guarantees can be provided that data protection measures are in place and meet the rigor of GDPR requirements. This needs to be written in a contract, and individuals must be notified of this data-processing relationship."],
The rights of individuals protected by GDPR
[115, "The rights of individuals protected by GDPR", "The rights of individuals protected by GDPR"],
Under GDPR, individuals are granted certain rights that empower them to exercise control over their personal data. Let's explore some of these rights.
[116, "Under GDPR, individuals are granted certain rights that empower them to exercise control over their personal data. Let's explore some of these rights.", "Under GDPR, individuals are granted certain rights that empower them to exercise control over their personal data. Let's explore some of these rights."],
Information Transparency
[117, "Information Transparency", "Information Transparency"],
Individuals have the right to be informed about why their personal data is being collected and processed. Further to this, it needs to be communicated in a clear and understandable manner.
[118, "Individuals have the right to be informed about why their personal data is being collected and processed. Further to this, it needs to be communicated in a clear and understandable manner.", "Individuals have the right to be informed about why their personal data is being collected and processed. Further to this, it needs to be communicated in a clear and understandable manner."],
Control over Personal Data
[119, "Control over Personal Data", "Control over Personal Data"],
Individuals can exercise their rights to access, rectify, restrict processing, and request the erasure or portability of their personal data, allowing them to have greater control and accuracy over their information.
[120, "Individuals can exercise their rights to access, rectify, restrict processing, and request the erasure or portability of their personal data, allowing them to have greater control and accuracy over their information.", "Individuals can exercise their rights to access, rectify, restrict processing, and request the erasure or portability of their personal data, allowing them to have greater control and accuracy over their information."],
Protection against Automated Decisions
[121, "Protection against Automated Decisions", "Protection against Automated Decisions"],
Individuals have the right to object to automated decision-making, including profiling, and have the right to ensure that such decisions do not significantly impact them without human intervention.
[122, "Individuals have the right to object to automated decision-making, including profiling, and have the right to ensure that such decisions do not significantly impact them without human intervention.", "Individuals have the right to object to automated decision-making, including profiling, and have the right to ensure that such decisions do not significantly impact them without human intervention."],
Which of the following is NOT a GDPR right provided to individuals?
[123, "Which of the following is NOT a GDPR right provided to individuals?", "Which of the following is NOT a GDPR right provided to individuals?"],
Individuals have the right to request their data be erased.
[124, "Individuals have the right to request their data be erased.", "Individuals have the right to request their data be erased."],
Individuals have the right to rectify any incorrect or out-of-date data.
[125, "Individuals have the right to rectify any incorrect or out-of-date data.", "Individuals have the right to rectify any incorrect or out-of-date data."],
Individuals have the right to stop their data being used to build automated profiles on them.
[126, "Individuals have the right to stop their data being used to build automated profiles on them.", "Individuals have the right to stop their data being used to build automated profiles on them."],
Individuals must be financially compensated for any revenue derived from sharing of their personal data.
[127, "Individuals must be financially compensated for any revenue derived from sharing of their personal data.", "Individuals must be financially compensated for any revenue derived from sharing of their personal data."],
Individuals can exercise their rights to access, rectify, restrict processing, and request the erasure or portability of their personal data. However, under the GDPR, individuals don't need to be financially compensated for any revenue derived from sharing of their personal data.
[128, "Individuals can exercise their rights to access, rectify, restrict processing, and request the erasure or portability of their personal data. However, under the GDPR, individuals don't need to be financially compensated for any revenue derived from sharing of their personal data.", "Individuals can exercise their rights to access, rectify, restrict processing, and request the erasure or portability of their personal data. However, under the GDPR, individuals don't need to be financially compensated for any revenue derived from sharing of their personal data."],
Wrapping up
[129, "Wrapping up", "Wrapping up"],
GDPR grants individuals rights to control and protect their personal data, providing transparency, control, and safeguards in an increasingly data-driven world. These rights empower individuals to make informed decisions about their privacy.
[130, "GDPR grants individuals rights to control and protect their personal data, providing transparency, control, and safeguards in an increasingly data-driven world. These rights empower individuals to make informed decisions about their privacy.", "GDPR grants individuals rights to control and protect their personal data, providing transparency, control, and safeguards in an increasingly data-driven world. These rights empower individuals to make informed decisions about their privacy."],
[131, "", ""],
Original Text (English)
Correct Translation (English)
Submissions are reviewed and applied within 48 hours.
Color Theme And Background Selector
×
Colorful Theme
Select Theme
Blue Theme
Select Theme
Light Theme
Select Theme
Purple Theme
Select Theme
Green Theme
Select Theme
Dark Theme
Select Theme
Note: The Colorful, Blue, Light, and Dark Themes are all WCAG 2.2 Level AA conformant.
