Who Really Needs An EU Representative?

If your business is based outside the EU, but you “conduct business in the EU”; discover why you need to appoint an EU Representative in order to ensure you’re protected & fully compliant with GDPR law.

Firstly, what is GDPR? …And who is it that really needs an EU Representative?

The General Data Protection Regulation (GDPR), provides a level of international protection for the personal data of EU citizens under Article 3.

Article 3 outlines that GDPR will apply to companies that are processing EU Citizens outside of the European Economic Area (EEA). GDPR imposes a variety of obligations, such as ensuring that they apply the core data protection principles and treat the data as is required by the GDPR.

This issue also comes into play for companies and organisations that are involved with the international transfer of data.

To assist with accountability, the GDPR establishes the role of the European Representative under Article 27. The role of EU Representative is a role distinct from the of a Data Protection Officer (DPO …for a variety of reasons. So…

What does a EU Representative do?

The main focus of the European Representative is to be the first point of contact for data subjects and regulators who need to contact the organisation outside of the EEA, and
to act in accordance with the instructions that form part of the mandate appointing them.

While DPOs are expected to be given a degree of autonomy both when they are internal or external a company, in order to enable them to carry out their duties effectively and advise on the compliance issues relating to data protection.

Top 3 Key roles of an EU Representative

In essence, the role of the EU Representative is a simple one and includes:

  • To be the first point of contact in Europe.
  • To receive any complaints and communications in Europe and forward these onto the relevant person within the organisation.
  • To liaise between the parties involved with a complaint and provide any assistance when required.

Though all activities they assist with should be dealt with under the written mandate, along with this, the appointing organisation should set out procedures and the correct lines of communication, so that all parties involved are aware of their duties and manage responses inline within the deadlines that are expected under the law.

When do you need to appoint an EU Representative?

This means that for compliance, companies that are operating outside of Europe by trying to market, offer goods or services in Europe, must appoint an EU Representative.

if they are NOT:

 

 

  •  not a public authority or body
  • and they are regularly processing personal data on a large scale
  • or processing sensitive data.

There are some areas in which confusion can arise with appointing a representative, such