EXIN Privacy & Data Protection Professional (PDPP) 

This (EXIN Privacy & Data Protection Professional) is purely an exam for professional certification and not training. 

We provide you with an exam paper that will allow you to practice and better prepare for the actual exam that you will take once you are ready. 

You will be entitled to two attempts within a maximum of 1 year. 

A certificate will be awarded to you as soon as you pass the exam.

EXIN Privacy & Data Protection Professional covers the European privacy and data protection legislation and its international relevance, as well as the professional’s ability to apply this knowledge and understanding to everyday professional practice. 

With the ever-increasing explosion of information flooding the internet, every company needs to plan how to manage and protect privacy of persons and their data. Not without a reason, many new laws within the EU, as well as in the USA and many other regions, are formed to regulate both privacy and data protection. 

The European Commission has published the EU General Data Protection Regulation (GDPR), meaning that from the 25th of May 2018 on, all organizations concerned must comply with specific rules. This advanced-level certification builds on the subjects covered by the EXIN Privacy & Data Protection Foundation exam by focusing on the development and implementation of policies and procedures to comply with existing and new legislation, application of privacy and data protection guidelines and best practices, and by establishing a data protection management system (DPMS). 

The standard in the ISO/IEC 27000 series: ISO/IEC 27701:2019 Security Techniques Extension to ISO/IEC 27001 and ISO/IEC 27002 for Privacy Information Management Requirements and Guidelines is useful for organizations that want to show compliance with the GDPR. The content of this ISO standard helps fulfill the GDPR obligations of organizations regarding the processing of personal data. Neither the GDPR nor the ISO standard are exam literature. However, the literature matrix in Chapter 4 is designed to show the link between the exam requirements, the exam literature, the GDPR and the ISO/IEC 27701:2019 standard to give the certification a broader context.

EXIN Privacy & Data Protection Professional is a certification that validates a professional’s knowledge about: 

data protection policies 

privacy information management systems (PIMSs) 

roles of the controller, processor and data protection officer (DPO) 

data protection impact assessment (DPIA) 

data breaches, notification, and incident response

This advanced-level certification will be particularly useful to: 

data protection officers (DPOs) / privacy officers 

legal/compliance officers 

security officers 

business continuity managers 

data controllers 

data protection auditors (internal and external) 

privacy analysts 

HR-managers

Successful completion of the EXIN Privacy & Data Protection Professional exam. 

Accredited EXIN Privacy & Data Protection Professional training, including completion of the Practical Assignments. 

Examination details Examination type: 

Multiple-choice questions 

Number of questions: 40 

Pass mark: 65% (26/40 questions) 

Open book: The GDPR text may be consulted throughout the exam, it is provided as an appendix to the digital exam and candidates are required to bring their own copy for paper-based exams. 

Notes: No 

Electronic equipment/aides permitted: No 

Exam duration: 120 minutes 

Bloom level 

The EXIN Privacy & Data Protection Professional certification tests candidates at Bloom levels 2, 3 and 4 according to Bloom's revised taxonomy: 

Bloom level 2: Understanding - a step beyond remembering. Understanding shows that candidates comprehend what is presented and can evaluate how the learning material may be applied in their own environment. This type of questions aims to demonstrate that the candidate is able to organize, compare, interpret and choose the correct description of facts and ideas. 

Bloom level 3: Application - shows that candidates have the ability to make use of information in a context different from the one in which it was learned. This type of questions aims to demonstrate that the candidate is able to solve problems in new situations by applying acquired knowledge, facts, techniques and rules in a different, or new way. These questions usually contain a short scenario. 

Bloom level 4: Analysis - shows that candidates have the ability to break learned information down into its parts to understand it. This Bloom level is mainly tested in the Practical Assignments. The Practical Assignments aim to demonstrate that the candidate is able to examine and break information into parts by identifying motives or causes, make inferences and find evidence to support generalizations.

The EXIN Privacy & Data Protection Professional exam will be 100% online. 

Candidates will be asked to come to the 1simple1 offices or take the exam in our accredited exam room where they will be supervised in real time.

The EXIN Privacy & Data Protection Professional certification is part of the EXIN Privacy & Data Protection qualification program.

The exam for The EXIN Privacy & Data Protection Professional lasts 120 minutes. The candidate can only retake the exam if they fail during the 1 year validated as the duration of the training and certification. 

After 1 year, the candidate will be obliged to pay the exam fees again to take the exam.