Privacy & Data Protection Foundation
EXIN Privacy & Data Protection Foundation (PDPF) is a certification that validates a professional’s knowledge and understanding of the protection of personal data and the EU rules and regulations regarding data protection.
Wherever personal data is collected, stored, used, and finally deleted or destroyed, privacy concerns arise. With the EU General Data Protection Regulation (GDPR), the Council of the European Union aims to strengthen and unify data protection for all individuals within the European Union (EU). This regulation affects every organization that processes personal data of EU citizens. The EXIN Privacy & Data Protection Foundation certification covers the main subjects related to the GDPR.
The new standard in the ISO/IEC 27000 series: ISO/IEC 27701:2019 Security Techniques – Extension to ISO/IEC 27001 and ISO/IEC 27002 for Privacy Information Management – Requirements and Guidelines is useful for organizations that want to show compliance with the GDPR. The content of the new ISO standard helps fulfill the GDPR obligations for organizations regarding the processing of personal data.
Neither the GDPR nor the ISO standard is exam literature. However, the literature matrix in Chapter 4 is designed to show the link between the exam requirements, the literature, the GDPR, and the ISO/IEC 27701:2019 standard to give the certification a broader context.
Successful completion of the EXIN Privacy & Data Protection Foundation exam
All employees must have an understanding of data protection and European legal requirements as defined in the GDPR. This certification is tailored to:
- data protection officers (DPOs)
- compliance officers
- security officers
- HR staff
- process and project managers
1.3 Legitimate Grounds and Purpose Limitations
1.4 Further Requirements for Legitimate Processing of Personal Data
1.5 Rights of Data Subjects
1.6 Personal Data Breach and Related Procedures
2.2 Supervisory Authority
2.3 Personal Data Transfer to Third Countries
2.4 Binding Corporate Rules and Data Protection in Contracts
3.2 Data Protection Impact Assessment (DPIA)
3.3 Personal Data in Use
Length of exam | 1 hour |
Number of questions | 40 |
Question format | Multiple choice |
Passing grade | 65% |
Exam availability | English, Chinese, German, Portuguese, Dutch |
Testing center | Online Proctored / Paper-Based |