What is CIPP/E?
The CIPP/E (Certified Information Privacy Professional / Europe) is a professional certification issued by the International Association of Privacy Professionals (IAPP) covering European data protection law. CIPP/E is widely regarded as the leading credential for demonstrating expertise in the EU General Data Protection Regulation (GDPR), the ePrivacy Directive, and related European privacy frameworks.
What does CIPP/E cover?
The CIPP/E Body of Knowledge spans: (i) European data protection law and regulation, including the Council of Europe Convention 108+, the EU Charter and Treaties, and the GDPR; (ii) personal-data processing roles (controller, processor, joint controller); (iii) legal bases for processing; (iv) data-subject rights; (v) international data transfers (adequacy decisions, SCCs, BCRs, derogations); (vi) supervision and enforcement; and (vii) compliance for specific contexts such as employment, marketing and law enforcement.
Who should hold CIPP/E?
CIPP/E is targeted at DPOs, privacy and compliance counsel, in-house lawyers handling EU customer data, vendor-management leads, and any privacy professional with responsibility for GDPR compliance — including non-EU professionals serving EU subjects under Article 3(2). For Turkish practitioners, CIPP/E pairs naturally with KVKK expertise and increasingly with EU AI Act and DSA work.
Exam format
The CIPP/E exam contains 90 multiple-choice questions delivered through Pearson VUE in 2.5 hours, with a scaled passing score of 300/500. The IAPP publishes a detailed Body of Knowledge and recommends 30–60 hours of preparation.
CIPP/E vs. CIPP/US vs. CIPM
CIPP/E covers European substantive law; CIPP/US covers U.S. substantive law; and CIPM covers program management. Privacy leaders often hold both a regional CIPP and CIPM, and may add ISO/IEC 27701 at the organisational level.