Share

2 min read

Writen by Zlatko Delev

Posted on: July 28, 2022

Do I need an Article 27 Representative?

What is an Article 27 Representative?

Article 27 is one of GDPR’s most mis-understood requirements. Just like the other 98 articles, Article 27 forms part of your overall GDPR position and is part of your legal obligation. Put simply, if you are based outside of the EU, don’t have an entity inside the EU and you happen to process data relating to EU citizens then you need to appoint a representative to act as your representative – your Article 27 Representative. Same applies to UK citizens, if you process data about UK citizens and don’t have an entity in the UK you need to appoint a rep in the UK.  If you process UK and EU data and don’t have an entity in either territory you will need to appoint a representative in BOTH territories.

Where you can find more information about an Article 27 EU Representative ? 

This is a simplified version, for more information take a look at the links below or just contact us to discuss.  There is a handy self-assessment link on our site at: https://gdprlocal.com

Article 27 applies: https://gdpr-info.eu/art-27-gdpr/

Recital 80 is useful: https://gdpr-info.eu/recitals/no-80/

..and the ico provide probably the easiest to understand version: https://ico.org.uk/for-organisations/dp-at-the-end-of-the-transition-period/data-protection-and-the-eu-in-detail/the-uk-gdpr/european-representatives/

Who is an Exempt of Article 27 ? We get lots of questions about whether a company is exempt if they only process data occasionally, this exemption almost never applies but Article 49 defines ‘occasional’ – this is defined as, ‘more than once but not repetitive’. https://gdpr-info.eu/art-49-gdpr/

Also, there are exemptions for example, if our processing is only occasional, of low risk to the data protection rights of individuals, and does not involve the large-scale use of special category or criminal offence data.  It is important to note that these exemptions are defined as ‘or’ – not ‘and’ – again, this exemption hardly ever applies. [See WP29 note]. https://edpb.europa.eu/about-edpb/more-about-edpb/article-29-working-party_en

Hope this answers your questions – sorry this is quite technical, contact us anytime to discuss.

Contact Us

Hope you find this useful. If you need an EU Rep, have any GDPR questions, or have received a SAR or Regulator request and need help then please contact us anytime. We are always happy to help...
Zlatko, Adam, Hristina, Marin.

Contact Us

Recent blogs

Cookie Compliance

On 9th August 2022, noyb.eu lodged 226 GDPR complaints with 18 authorities against websites that us

Do I need to register with the ICO?

UK companies who collect, store, or process personal data may need to register with the ICO however

Do I need an Article 27 Representative?

What is an Article 27 Representative? Article 27 is one of GDPR’s most mis-understood requirem

Get Your Account Now

Setup in just 5 minutes. Enter your company details and choose the EU Representative services you need.

Give Us a Call

Not sure whether EU Representative applies to you or which option to choose? Call, email, chat to us anytime.

06 GDPR INFO

Stay Up-To-Date

Leave your details here and we’ll send you updates and information on all aspects of GDPR and EU Representative. We won’t bombard you with emails and you will be able to tell us to stop anytime.