Certified Information Privacy Manager (CIPM) Practice Exam

The correct choice focuses on the comprehensive nature of data protection rights as defined by the General Data Protection Regulation (GDPR). These rights empower individuals regarding their personal data and include six fundamental rights:

1. **Access** - Individuals have the right to obtain confirmation from data controllers as to whether or not their personal data is being processed, and where that is the case, access to the personal data and related information.

2. **Rectification** - This right allows individuals to request the correction of inaccurate personal data or complete incomplete personal data held about them.

3. **Erasure** (also known as the 'right to be forgotten') - Individuals can request the deletion of personal data when it is no longer necessary for the purpose for which it was collected or if they withdraw consent.

4. **Restriction of processing** - Individuals can request that the processing of their personal data be restricted, which means that the data can still be stored but not further processed.

5. **Portability** - This right enables individuals to request their personal data in a structured, commonly used, and machine-readable format for transmission to another data controller.

6. **Objection** - Individuals have the right to object to the processing of their personal data, especially if the