Skip to Main Content
This website uses cookies. View our cookie policy
Close
0
USA
Select regional store:
Please enter more than 3 characters
Save 15% on ISO 27001 products and services by taking our 3 minute survey. T&Cs apply. Start the survey >>
Data Protection / EU GDPR > Data Protection / EU GDPR Consultancy > GDPR EU Representative
GDPR EU - Representative

GDPR EU Representative

SKU: 4969
Format: Consultancy
Published: 20 Jun 2018
(0 reviews)

Our EU representative service enables companies in North America that fall within the scope of the GDPR to meet their obligations under Article 27.

Inquire now
CALL TO ORDER

You may also be interested in

GDPR data flow audit
GDPR data flow audit
ISO27001 Compliance Database and Update Service
Compliance Manager
DPO as a service (GDPR)
DPO as a service (GDPR)
GDPR Manager
GDPR Manager

Description

Appointing an EU representative

Organizations in North America that offer goods or services to individuals in the EU or monitor their behavior will generally have to appoint a representative established in an EU member state. The representative acts on your behalf in relation to your personal data processing activities and acts as a local contact for data subjects and supervisory authorities.

 

When do you need a representative?

Under Article 27 of the GDPR, organizations without a physical presence in the EU need to designate, in writing, an EU-based representative to deal with various aspects relating to data protection on behalf of or in conjunction with the organization. There are exemptions to this rule. The first is if the processing is occasional, does not include, on a large scale, processing of special categories of data or data relating to criminal convictions, and is unlikely to result in a risk to the rights and freedoms of individuals. The second is if the organization is a public authority or body.

Simply having a subsidiary based in the EU may not excuse you from needing an EU representative. If the subsidiary is managed at arm’s length via a services or distribution agreement and that EU based subsidiary entity doesn’t have control over the data-related decisions of the business, or the power to implement them, then the subsidiary may not be considered to have a main establishment in the EU for the purposes of GDPR, and therefore your organization may still need to designate an EU representative.

 

Our GDPR EU representative service

With this annual subscription service you will be supported by our qualified data privacy, legal and compliance team (GRCI Law1), which will serve as your EU representative as set out in the GDPR.

As appointed EU representative we shall:

  • Register our EU address as your GDPR representative address.
  • Be addressed on all issues related to your personal data processing activities.
  • Act as first point of contact for communications received from EU-based data subjects in relation to data subject rights requests and other general GDPR-related enquiries.
  • Act as first point of contact for communications received from EU supervisory authorities and liaise with them on all matters pertaining to the GDPR, e.g. responding to data subject rights complaints and personal data breach reporting.
  • Hold a record of your processing activities and make these available to the data protection authorities at their request.

1The GDPR EU Representative service is provided by GRCI Law Limited, a specialist in legal and compliance advisory services relating to data privacy, cybersecurity and information security (and a subsidiary of GRC International Group plc).

 

Speak to an expert

Please contact us for further information or to speak to our GDPR team.

+1 877 317 3454

Send inquiry

Customer Reviews

stars out of 5
(0# of Ratings:)
(Only registered customers can rate)
Loading...