The EU representative is an EU based local point of contact for the organisation they represent, who can communicate with individuals and data protection authorities on behalf of the organisation in relation to data protection matters.
What are the rules?
The extract below is taken from the ICO website, it states:
“If you are based in the UK and do not have a branch, office or other establishment in any other EU or EEA state, but you either:
offer goods or services to individuals in the EEA; or
monitor the behaviour of individuals in the EEA,
then you still need to comply with the EU GDPR regarding this processing.
As you do not have a base inside the EEA, the EU GDPR requires you to appoint a representative in the EEA. This representative needs to be set up in an EU or EEA state where some of the individuals whose personal data you are processing in this way are located.
You need to authorise the representative, in writing, to act on your behalf regarding your EU GDPR compliance, and to deal with any supervisory authorities or data subjects in this respect.
Your representative may be an individual, or a company or organisation established in the EEA, and must be able to represent you regarding your obligations under the EU GDPR (e.g. a law firm, consultancy or private company). In practice the easiest way to appoint a representative may be under a simple service contract.
You should give details of your representative to EEA-based individuals whose personal data you are processing. This may be done by including them in your privacy notice or in the upfront information you give them when you collect their data. You must also make it easily accessible to supervisory authorities – for example by publishing it on your website.
Your appointment of your representative must be in writing and should set out the terms of your relationship with them. Having a representative does not affect your own responsibility or liability under the EU GDPR.”
Note – Our EU Representative service starts from as little as £58.00 + VAT per month
EU Representative – Next Steps
Get in touch with us to discuss your requirements. One of our specialist data protection consultants can advise you further with regards to our services and the monthly fees that apply.
We also offer a FREE DPO Discussion to run through your current compliance with UK GDPR and you can discuss with us whether or not you are required to appoint a UK based data protection representative.
This call takes about 45 minutes to complete.
Engaging Data Privacy Services
Engaging Data Privacy Services to be your UK Representative is a fairly straightforward process.