Frequently Asked Questions
The data representative is the individual based in the EU who can act on behalf of your organisation when can contacted by relevant supervisory authorities for issues related to data processing.
GDPR covers what an EU GDPR representative is in Article 27, it states that the data representative is:
- Nominated by the controller or processor to be addressed in addition to the controller or processor (by EU regulatory bodies)
- Established in a member state where you process personal data (or monitor behavior)
Any company that is not part of the EU but are treating data from a client in Europe will need to appoint an EU GDPR representative.
A representative needs to be appointed if your organisations activities require you to process data from Europe, so, this would mean UK companies after Brexit.
A party based in the EU with expert knowledge of GDPR, because this individual needs to have the competence to act on your companys behalf in these matters, any failings by this party would lead to fines and further problems for your organisation.