EU and UK Representation Services required by GDPR Article 27

EU and UK Representation Services Required by GDPR Article 27

Our service provides you access to established and experienced GDPR representation services across the UK and all EU member states from our team of qualified GDPR and data protection professionals. The Representative can liaise with supervisory authorities, supervise Data Subject Access Requests (DSARs), build and maintain Record of Processing Activities (RoPA).

The DPO Centre can provide:

EU Representation to organisations outside the EEA
UK Representation to organisations outside the UK, after 31st December 2020
EU Representation for UK & other organisations outside the EEA, post after 31st December 2020

Click here to find out more about when and why you need GDPR Representation.

Enquire now

Representation for Non-EU Data Controllers - GDPR DPO Services

TERRITORIAL SCOPE

After 31st December 2020, at the end of the transition period, the UK Government’s current position is that data controllers or processors located outside the UK that process the personal data of UK citizens will need to appoint a UK Representative.

EU law will continue to require organisations based outside the EEA (including the UK) that process data on EU residents, to have an EU Representative. If an organisation processes personal data of data subjects residing in a limited number of EU states, then its Representative should have a presence in one of those states.

This position may change during the transition period negotiations but probablyrepresents the most likely outcome.

During Transition period, we can provide representation for organisations in the UK or any other country within the EU through our London office
After 31st December 2020, representation and translation services within the EU will be provided through our Dublin or other EU city offices

The DPO Centre provides local representation and translation services both in the UK and any of the 27 member states across continental Europe.

This includes a physical address in any member state to use on your privacy policy and a local telephone number answered in the native language.

You can always remain compliant with Article 27 of the GDPR even if you only process the personal data of data subjects that reside in the UK or a specific EU member state.

HOW THE SERVICE WORKS

Initial Onboarding

Ensuring your privacy policies and contact details are in place

Establishing your Records of Processing Activities (RoPA)

Ensuring Ongoing Compliance

Maintaining and updating your RoPA with new dataflows and processes

Translating and triaging data subject rights requests and assist with appropriate responses

Ensuring DSARs are responded to appropriately

Informing and advising you on data protection issues impacting your operations

LOCAL REPRESENTATION IN THE UK AND ACROSS ANY OF THE OTHER 27 MEMBER STATES

If the data you process or the service you provide is directed at data subjects that reside in a specific member state or states, we can also provide local representation services in the UK and any of the 27 member states across continental Europe. Where this is required, you will be provided with our physical address in that member state to publish on your privacy policy, together with a local telephone number answered in the local language. Any email correspondence will, where necessary, pass through our professional proxy online translation service, meaning we receive requests in English, then return them via the service to arrive in the local language, therefore enabling us to deliver our service, seamlessly, in all the major Worldwide languages.