Short Summaries of the CIPP/E Material
The best revision notes for the CIPP/E
Do you just want someone to tell you what you need to know?
Are you struggling to find the time to make revision notes?
Is a short multi-day workshop that costs $$$ not for you?
Then, you are in the
CIPP/E Preparation Revision Notes
contains summaries of:
All substantive topics listed in the IAPP Body of Knowledge.
All relevant guidelines referred to in the IAPP Body of Knowledge.
How is CIPP/E Preparation different?
*You have up to 14 days from the date of purchase to change your mind. You will be refunded - no questions asked.
What do the revision notes cover?
Here is a breakdown of what the revision notes contain:
b) Instruments giving an impetus to create Data Protection Laws
c) Timeline of Data Protection Laws
d) Data Protection Directive vs General Data Protection Regulation
e) Related Legislation & Instruments
b) European Parliament (“EP”)
c) European Council
d) Council of the European Union
e) European Commission
f) Court of Justice of the European Union
b) Council of Europe Convention (Convention 108)
c) Data Protection Directive
d) General Data Protection Regulation
e) Law Enforcement Data Protection Directive
f) Privacy and Electronic Communications Directive
g) EU Directive on Electronic Commerce
h) Directive on Security of Network and Information Systems
i) Data Retention Directive
a) Personal Data
b) Sensitive personal data
f) Data Subject
Summary of Guidelines 07:2020 on the concepts of controller and processor in the GDPR
a) Territorial Scope
b) Material scope
Summary of Guidelines 3:2018 on the territorial scope of the GDPR - Art. 3
b) Lawfulness, fairness and transparency
c) Purpose limitation
d) Data minimisation
f) Storage limitation
g) Integrity and confidentiality
7.1. Lawful Processing Criteria
c) Contractual necessity
d) Legal obligation
e) Vital interests
f) Public interests
g) Legitimate interests
7.2. Lawful Processing Criteria - Special Categories of Personal Data
b) Explicit consent
c) Legal obligations under employment/social protection law
d) Vital interests
e) Legitimate activity of a not-for-profit body
f) Publicly available
g) Legal claim
h) Substantial public interest
i) Medical purpose
j) Public health
k) Public interest, scientific or historical research purposes, or statistical purposes
b) Article 13
c) Article 14
d) When additional information must be provided
e) When and how
f) Fair processing notices
b) Right of access (Art. 15)
c) Right to rectification (Art. 16)
d) Right to erasure (Art. 17)
e) Right to restriction of processing (Art. 18)
f) Notification obligation regarding rectification or erasure of personal data or restriction of processing (Art. 19)
g) Right to data portability (Art. 20)
h) Right to object (Art. 21)
i) Right to not be subject to automated decision-making (Art. 22)
- Guidelines 52019 on the criteria of the Right to be Forgotten in the search engines cases under the GDPR
- Guidelines 10:2020 on restrictions under Article 23 GDPR
b) Appropriate technical and organisational measures
c) Breach Notification
d) Vendor Management
e) Data Sharing
b) Responsibility of controllers
c) Article 25 - Data protection by design and by default
d) Record keeping and co-operation with regulators
e) Data protection impact assessment
f) Data protection officer
g) Auditing of privacy programs
b) What is a transfer?
c) Adequacy Decisions
d) Adequate Safeguards
f) Transfers to the US
g) Transfer Impact Assessments
- Guidelines 05:2021 on the Interplay between the application of Article 3 and the provisions on international transfers as per Chapter V of the GDPR
- Guidelines 04:2021 on codes of conduct as tools for transfers
- Guidelines 02:2018 on derogations of Article 49 under Regulation 2016:679
- Recommendations 01:2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data
c) Data subject rights
d) Regulator supervision
e) International cooperation
b) Process and procedures
d) Data Subject Compensation
e) Class Actions
b) Legal basis for processing of employee data
c) Storage of personnel records
d) Workplace monitoring and data loss prevention
e) EU Works councils
f) Whistleblowing systems
g) ‘Bring your own device’ (BYOD) programs
b) Regulation of surveillance
c) Communications surveillance
d) Video surveillance
e) Biometric data/facial recognition
f) Location data
Summary of Guidelines 3:2019 on processing of personal data through video devices
b) Regulation of direct marketing
c) Specific types of marketing +
Summary of Guidelines 8:2020 on the targeting of social media use
b) Cloud computing
d) Search engines
e) Social networking services (SNS)
f) Artificial Intelligence
What is the CIPP/E?
The International Association of Privacy Professionals (IAPP) is a non-profit organisation that provides privacy and data protection education and certifications.
The Certified Information Privacy Professional/Europe Exam or (CIPP/E for short) is set by the IAPP and consists of 90 multiple-choice questions. 75 questions are graded and you have 2.5 hours.
You can sit and schedule the CIPP/E in any PearsonVue Centre or often, even remotely through your own laptop.
For more information, resources and booking the actual exam, check out the Official IAPP page.
Why take the CIPP/E?
Many in-house legal and compliance jobs and roles require some knowledge of the EU General Data Protection Regulation (the "GDPR") and the protection of people's data.
The GDPR was one of the most fundamental and ground-breaking laws that was introduced in the European Union and touched almost every aspect of life.
The job market can be very competitive and you will want to make your CV stand out!
Passing the CIPP/E will help you demonstrate that you have a foundation in data protection and GPDR knowledge.
Adding a CIPP/E certification to your CV will help you stand out and give employers confidence in your privacy skills!
Many businesses need to be GDPR-compliant and have awareness of their obligations under the GDPR.
Lots of businesses struggle with resource and having budget to hire external expertise.
Having a basic understanding of the GDPR and advising your employer or your own business of what needs to be done, can avoid headaches and turn you into an invaluable asset.
Who will teach me?
My name is Madeleine Weber!
I have been working as a legal professional for half a decade, predominantly in the IT industry as an in-house counsel.
My day-to-day job as an in-house lawyer involves a lot of drafting and negotiating of data protection agreements. Therefore, I accumulated a lot of experience in data protection and the EU GDPR, in particular.
However, I found that in order to progress in my career, I had to prove that knowledge by passing the CIPP/E and becoming a certified privacy professional.
I sat the exam in November 2021 and passed on my first attempt.
I am so excited to be in a position to provide you with the resources I wish I had when I studied for the CIPP/E.
I would also recommend to purchase the latest edition of the recommended textbook: European Data Protection by Eduardo Ustaran.
You will also need to budget costs to book and sit the CIPP/E exam (remember, to be certified, you will also need to become a member of IAPP) - always check the IAPP website for the latest fees (at the moment, the exam fee is $550 and the membership fee is $250).
Bear in mind that this product DOES NOT CONTAIN the actual exam, the membership, nor the textbook.
For a step-by-step overview of what is needed to become a Certified Information Privacy Professional, please click here.
You will have access for 1 year from the date of purchase.
You will receive access to the following:
- Written summaries covering 18 modules
NO! Please don't purchase these revision notes if you are already enrolled in CIPP/E Preparation as the notes are identical.
All materials are downloadable and usable offline.
The course is provided via Teachable. All materials will be available on all your devices either via a web browser or via the Teachable app.
If you are unhappy about any aspect of the course, do let me know and I will do my best to sort the issue out for you.
If this resource is not for you or you wish to un-enrol for any other reason, I understand, as well. You have up to 14 days from the date of purchase to change your mind. You will be refunded - no questions asked.
No refunds will be provided after the 14-day period.