If your business is based outside the EU, but you “conduct business in the EU”; discover why you need to appoint an EU Representative in order to ensure you’re protected & fully compliant with GDPR law.
Firstly, what is GDPR? …And who is it that really needs an EU Representative?
The General Data Protection Regulation (GDPR), provides a level of international protection for the personal data of EU citizens under Article 3.
Article 3 outlines that GDPR will apply to companies that are processing EU Citizens outside of the European Economic Area (EEA). GDPR imposes a variety of obligations, such as ensuring that they apply the core data protection principles and treat the data as is required by the GDPR.
This issue also comes into play for companies and organisations that are involved with the international transfer of data.
To assist with accountability, the GDPR establishes the role of the European Representative under Article 27. The role of EU Representative is a role distinct from the of a Data Protection Officer (DPO …for a variety of reasons. So…
The main focus of the European Representative is to be the first point of contact for data subjects and regulators who need to contact the organisation outside of the EEA, and
to act in accordance with the instructions that form part of the mandate appointing them.
While DPOs are expected to be given a degree of autonomy both when they are internal or external a company, in order to enable them to carry out their duties effectively and advise on the compliance issues relating to data protection.
In essence, the role of the EU Representative is a simple one and includes:
Though all activities they assist with should be dealt with under the written mandate, along with this, the appointing organisation should set out procedures and the correct lines of communication, so that all parties involved are aware of their duties and manage responses inline within the deadlines that are expected under the law.
When do you need to appoint an EU Representative?
This means that for compliance, companies that are operating outside of Europe by trying to market, offer goods or services in Europe, must appoint an EU Representative.
if they are NOT:
There are some areas in which confusion can arise with appointing a representative, such