How does our EU and UK GDPR Service work?
Article 27 of the GDPR requires organizations established in all countries outside the EU (including the UK, post Brexit) that process personal data of residents from the European Economic Area (EEA) to appoint a Representative that:
- Acts as the point of contact for EEA residents to your company (if requested in their local language);
- Acts as a liaison between Data Protection Supervisory Authorities and your company, and enables supervisory authorities to pursue enforcement actions.
The EEA encompasses all countries of the European Union, Norway, Iceland, and Liechtenstein
So, if you don’t have an establishment in the EEA but sell goods or services to EEA residents; if you process personal data of EEA residents on behalf of companies (inside or outside the EEA) or if you, for any other means, process personal data of EEA residents, you need to appoint an EU GDPR Representative.
This is also required if you don’t explicitly target EEA residents with your services but still process personal data of them.
Post Bexit the UK government amended the Data Protection Act 2018 to enforce the UK GDPR. If you don’t have an establishment in the UK but sell goods or services to UK residents, you need to appoint an UK GDPR Representative.
GDPR Article 27:
When doing business in the EU, an EU GDPR representative can be obligatory.
When doing business in the UK, an UK GDPR representative can be obligatory.
Don’t wait for a penalty.
Why not organize it right now.
Contact us for more information on:
+31 88 8483 100
Our representative services includes:
Setting up your GDPR Representation
- Understand your data flows;
- Review previous gap analysis and impact assessments;
- Be aware of any (previous) breaches or non-compliance;
- Establish a copy of your Records of Processing Activities (RoPA).
Provide ongoing GDPR Representation
- Maintain and an up-to-date copy of your RoPA on an ongoing basis;
- Translate and respond to queries from European data protection authorities and residents;
- Advice on reporting and communication of personal data breaches;
- Log breaches reported to directly to the representative;
- Receive and log data subject rights requests and advise on suitable responses;
- On request, advise on data protection regulatory issues that impact your organisation.
A GDPR representative should be the least of your worries. Arrange it now and start the service to make sure you comply with EU data protection laws.
Are you a data-subject with a request about your personal data processed by the organizations we represent?
Please contact us, with your request at firstname.lastname@example.org
Our dedicated GDPR team
Our team consists of business analysts, legal, IT and GDPR professionals. Our skillset includes a high level of GDPR expertise, excellent communication skills and a can-do mentality, all of which we dedicate to your enterprise. We understand business needs and interests, so we appreciate the trade-off of GDPR accountability.
If you also need support for your DPO while conducting DPIAs or external audits, initiating awareness campaigns or any other relevant GDPR tasks, please do not hesitate to contact us.
News and blog articles about GDPR topics and interesting developments.
P.C.W. Cuijpers MSc
Vivenics Managing Director
IT consultant, Data Integrity expert
R. Verhoeven, LLM/MSc
IAPP CIPP/E, certified privacy professional
Privacy professional, business analyst
IAPP CIPP/T and Tulser GDPR graduate
C.N. de Vink, BSc
IT expert, privacy professional
IAPP CIPP/E, Security, Agile, Kanban, Prince II
J.C.M. Hoogzaad, BSc
J.H.T.M. Mommersteeg, BSc
Data Quality expert