EU representatives – your FAQ’s answered
Here at GDPRlocal, we get lots of questions about what exactly an EU Representative is, what they do and whether your business actually needs one. We’ve produced a list of our most frequently asked questions to help you better understand this little-known piece of the GDPR.
- What is an EU Representative?
An EU Representative is individual, a company or an organisation established in the EEA that represents you in your obligations to the GDPR. This means that there is a representative of your company in, or close to the home states of data subjects.
- What is the role of an EU Representative?
For UK businesses, an EU Representative will serve as the point of contact between the business, the ICO (Information Commissioner’s Office) and data subjects. They will also respond to any queries the ICO or data subjects have, make records available to the ICO and maintain records of your businesses data processing activities. EU representatives represent non-EU based organisations and fulfil the requirements of the GDPR.
- I have a DPO, do I need an EU Representative?
Although the two roles sound similar, don’t get confused. If you trade in the EEA and the UK, you need an EU Representative, even if you have a DPO. This is to ensure that EU citizens have access to a representative of your business in their territory.
- Do I really need an EU Representative
You only need an EU representative if you monitor or provide goods or services to EU residents. If you only trade in the UK, you do not need one. There are only a few exceptions, so it’s best to contact us if you trade in the EU but don’t think that you require one.
We understand that many businesses were not aware that they would need an EU Representative until recently and that this could be a stressful period for you. Not to worry- we’re here to help in all matters GDPR. Our new website, provides you with fast, secure and expert EU Representation you can rely on.
As per the GDPR Regulative there are certain rights that data subjects can obtain. One of the
The lawful bases for processing are set out in Article 6 of the UK GDPR. At least one of these must
Very beneficial blog has been shared by Ali Shah, Head of Technology Policy Blog:Building on the