Workplace Training
GDPR Awareness Test: Check Your Data Protection Knowledge
This GDPR awareness test helps you check your grasp of EU data protection essentials in 15 short questions. You will practice consent, data rights, and breach response, then get instant results to spot gaps before training or an audit. For team training, try our gdpr quiz for employees, explore a HIPAA compliance quiz, or learn more privacy basics with a student privacy quiz.
Take the Quiz
1What is considered personal data under the GDPR?
2Which GDPR principle requires that personal data be collected for specified, explicit, and legitimate purposes?
3Which lawful basis requires a data subject's voluntary, specific, informed, and unambiguous indication of agreement to processing?
4Under GDPR, which right allows individuals to obtain confirmation and access their personal data held by a controller?
5Which principle mandates that organizations collect only the personal data that is adequate, relevant, and limited to what is necessary for processing purposes?
6The right to data portability under GDPR allows data subjects to:
7What is the maximum period within which a controller must respond to a valid data subject access request?
8Which lawful basis allows processing personal data when it is necessary for the legitimate interests pursued by the controller or a third party?
9Under GDPR, when is it required to conduct a Data Protection Impact Assessment (DPIA)?
10Who determines the purposes and means of processing personal data under GDPR?
11Which mechanism is commonly used to ensure lawful transfer of personal data from the EU to countries outside the European Economic Area?
12What document must organizations maintain to demonstrate processing activities and compliance with GDPR obligations?
13Which data subject right allows individuals to stop their personal data being used for direct marketing and profiling?
14Under GDPR, what is the maximum administrative fine for infringements of basic data processing principles, such as data security or consent conditions?
15In the event of a personal data breach, within what timeframe must a controller notify the relevant supervisory authority under GDPR?
16Which condition must be met to legally process special category personal data under GDPR?
17What type of contract between a controller and a processor is mandatory under GDPR to govern processing activities?
18How can a data controller demonstrate compliance with the GDPR accountability principle?
19A data subject requests erasure of personal data that the organization must retain to comply with a legal obligation. What should the controller do?
20An organization intends to use non-essential cookies for analytics. What must it obtain before placing these cookies?
Learning Goals
Learning Outcomes
- Identify core principles of GDPR and their applications
- Analyse data subject rights under EU regulations
- Evaluate organizational responsibilities for data compliance
- Apply GDPR requirements to real-world scenarios
- Demonstrate awareness of lawful data processing conditions
- Master best practices for handling personal data securely
Study Guide
Cheat Sheet
- Understand the Seven Core Principles of GDPR - GDPR is built on nine golden rules like transparency, purpose limitation, and accountability that guide every step of data handling. Mastering these principles helps you become a privacy champion and ensures data stays in safe hands. DP Network Data Protection Principles
- Recognize Data Subject Rights - Individuals hold superpowers under GDPR, including the right to access, correct, erase, or even port their data. Knowing these rights inside out means you'll never be caught off guard and can keep everyone's privacy respected. St Andrews Data Protection Principles
- Identify Lawful Bases for Processing - Whether it's consent, contractual necessity, or a legal obligation, every data activity needs a solid legal foothold. Picking the right basis is like choosing the right tool for the job - it keeps you compliant and avoids nasty surprises. UCD GDPR Lawful Bases
- Implement Data Protection by Design and Default - Bake privacy into your projects from day one by adopting habits like minimal data collection and secure defaults. This proactive strategy turns compliance into second nature and keeps risk gremlins at bay. UCD Data Protection by Design
- Maintain Data Accuracy and Integrity - Outdated or incorrect info is a one-way ticket to compliance chaos. Set up easy update mechanisms so individuals can correct their data quickly, keeping your records fresh and trustworthy. UCD Data Accuracy & Integrity
- Establish Data Retention Policies - Decide exactly how long each piece of data hangs around - no more, no less. Regular reviews and secure deletions ensure you're only holding what's necessary, reducing clutter and privacy risk. UCD Retention Policies
- Ensure Data Security Measures - Lock down personal data with technical shields like encryption and firewalls, plus organizational armor like clear policies. Regular security check-ups help you stay ahead of evolving threats and sleep soundly. DP Network Data Security Principles
- Understand the Role of Data Protection Officers (DPOs) - In some organizations, a DPO is your GDPR guardian, monitoring compliance and being the go-to person for authorities and individuals. Knowing when and how to appoint one ensures you meet important regulatory checkpoints. GDPR Overview on Wikipedia
- Prepare for Data Breach Response - Even the best guards can slip up, so have a breach plan ready! Practice detecting, reporting within 72 hours, and communicating with affected individuals to turn chaos into calm. GDPR Overview on Wikipedia
- Document Compliance Efforts - Keep a clear log of all data processing activities: purposes, categories, retention periods, and more. This transparent trail shows you've got your GDPR ducks in a row and makes audits a breeze. Oxford Research Support Data Responsibilities
Explore More
Government Quizzes
AI-DraftedHuman-Reviewed
Reviewed by
Updated Feb 22, 2026