Data Privacy Basics
This Philippine law protects personal information in both government and private sectors.
A. Data Privacy Act of 2012 (RA 10173)
B. Data Privacy Act of 2012 (RA 17301)
C. Data Privacy Act of 2012 (RA 13017)
A. Data Privacy Act of 2012 (RA 10173)
Name, address, email address, and contact number belong to this category of data.
A. Personal Information (PI)
B. Sensitive Personal Information (SPI)
C. Privileged Information
A. Personal Information (PI)
The right to know how your data is collected, used, and stored.
A. Right to Rectification/Correction
B. Right to Erasure or Blocking
C. Right to be Informed
C. Right to be Informed
A recruiter emails a spreadsheet containing applicant resumes and contact details to a person who falsely claimed to be a hiring manager without first verifying the request. What type of data breach occurred?
A. Integrity Breach
B. Confidentiality Breach
C. Availability Breach
B. Confidentiality Breach
A fraudulent email designed to trick recipients into revealing information.
A. Quishing
B. Phishing
C. Smishing
B. Phishing
An individual whose personal data is collected and processed.
A. National Privacy Commission
B. Data Protection Officer
C. Data Subject
C. Data Subject
Race, health information, and government IDs belong to this category.
A. Personal Information (PI)
B. Sensitive Personal Information (SPI)
C. Privileged Information
B. Sensitive Personal Information (SPI)
What is the Right to Access?
A. A right that allows a data subject to request deletion of unlawfully processed personal data.
B. A right that allows a person to transfer or reuse their personal data for their own purposes.
C. A right that allows the data subjects to obtain a copy of their personal data.
C. A right that allows the data subjects to obtain a copy of their personal data.
This happens when someone changes a person’s personal information in a system without permission, affecting the accuracy and integrity of the data.
A. Integrity Breach
B. Confidentiality Breach
C. Availability Breach
A. Integrity Breach
Which of the following is not a common phishing indicator?
A. suspicious sender address
B. suspicious links
C. corporate email that matches the organization
C. corporate email that matches the organization
Who is the person responsible for the overall management of compliance with the Data Privacy Act?
A. Data Subject
B. National Privacy Commission
C. Data Protection Officer
C. Data Protection Officer
Mynimo archives this type of data after 12 months.
A. Customer Data
B. Employee Data
C. Job Application Data
C. Job Application Data
The right to request deletion of unlawfully processed personal data.
A. Right to Erasure or Blocking
B. Right to Rectification/Correction
C. Right to Data Portability
A. Right to Erasure or Blocking
Employees must report a suspected breach to the DPO within this period.
A. 48 hours
B. 72 hours
C. 24 hours
C. 24 hours
What to do when you receive an email with suspicious attachments?
A. Download the attachment
B. Avoid downloading the attachments
C. Forward the attachments to the partners
B. Avoid downloading the attachments
It's the principle requiring personal data processing to be adequate, relevant, suitable, and not excessive.
A. Transparency
B. Legitimate Purpose
C. Proportionality
C. Proportionality
Which of the following is not Mynimo's Data Subject?
A. Customer's Employees
B. Jobseekers
C. Employees
A. Customer's Employees
What is the Right to Data Portability?
A. The right to know how your data is collected, used, and stored.
B. The right allowing a person to obtain and reuse their personal data.
C. The right to correct inaccurate or incomplete information.
B. The right allowing a person to obtain and reuse their personal data.
The NPC and affected data subjects must generally be notified within this timeframe after knowledge of a reportable breach.
A. 24 hours
B. 48 hours
C. 72 hours
C. 72 hours
Who is the Mynimo Privacy Team?
Everyone in the company
The acronym ABCD-S stands for these five pillars of privacy compliance.
A. Awareness, Breach Management, Compliance, Data Protection Officer, and Security Measures
B. Awesomeness, Breach Management, Compliance, Data Protection Officer, and Security Measures
C. Awareness, Breach Management, Compliance, Data Subject, and Security Measures
A. Awareness, Breach Management, Compliance, Data Protection Officer, and Security Measures
Name three examples of data collected from employees.
Answers could be one of the following:
Name, date of birth, address, contact information, government-issued IDs, job position, employment history, performance evaluations, salary information, educational attainment, certifications, pre-employment medical exams, health declarations, emergency contact information, bank account details, TIN, SSS, Pag-IBIG,PhilHealth
This right allows a data subject to seek compensation for damages resulting from privacy violations.
A. Right to File a Complaint
B. Right to be Indemnified
C. Right to Rectification
B. Right to be Indemnified
Name all three types of data breaches.
Confidentiality, Integrity, and Availability Breaches
What is the email address of Pytera's Data Protection Officer?
privacy@mynimo.com