To work out whether or not you need an EU Representative, ask yourself the following questions:
If you answered yes to all of these, you likely need to appoint a representative in the EU to be a point of contact for data protection enquiries from data subjects (individuals) or data protection authorities (e.g. CNIL in France).
Under the EU GDPR (General Data Protection Regulation), data controllers and processors outside the EU offering goods or services to, or monitoring the behaviour of, data subjects in the EU must appoint an EU representative. The EU representative acts as a local contact for data subjects and supervisory authorities in relation to all issues arising from the processing of personal data.
The UK GDPR has a similar requirement in that data controllers and processors outside the UK offering goods or services to, or monitoring the behaviour of, data subjects the UK are required to appoint a UK representative.
The UK representative must be based in the UK and will act as a contact point for UK residents and the ICO (Information Commissioner’s Office).
Our annual subscription service is delivered by IT Governance Europe, which will serve as your EU representative, in compliance with Article 27 of the EU GDPR. IT Governance Europe is incorporated and based in the Republic of Ireland.
We will:
Download the EU representative service description to learn more
Between your organisation, data protection authorities and data subjects
Buy online and ensure you meet Article 27 obligations
Of your data processing activities and make it available to data protection authorities on request
We don't charge based on how many enquiries we receive
Between your organisation and data subjects or data protection authorities
Get easy access to additional data protection and privacy support from our wide range of services
This service applies to single-entity organisations with between 1 and 500 staff. For organisations with more than 500 employees or multiple entities, we can provide a bespoke solution to meet your requirements. The service can be delivered to organisations in any sector or industry.
Please note that this service does not include advice or guidance on Article 30 records of processing activities, however we can offer consultancy support to help you with this if necessary.
Support is available between Monday and Friday, 9:00 am – 5:00 pm.
Why is it cheaper to buy online?
What does an EU representative do?
What does monitoring the behaviour of individuals mean?
Are there any exceptions to this?
When should I put this in place?
Why is it important to act now?
What is included in the service?
Do I need a separate EU representative for all the companies in my group?
Where is your EU representative based ?
Does it matter where my EU representative is based?
Do you charge extra depending on the number of data subjects our organisation deals with?
Are translation services included in the price?
Does the EU representative need to be registered?
What should my Article 30 Record contain?
Our organisation has fewer than 250 employees am I required to have an Article 30 record?
Will you review or advise us on our Article 30 record?
How soon do you need my Article 30 record?
If a data subject contacts you, do you deal directly with the query?
Would you provide the Article 30 record to a data protection authority without consulting us?
Enjoy the benefits of paying by purchase order with a GRCI Law corporate account. Apply online today or call our service centre team on +44 (0)333 900 5555.
We are a specialist consultancy firm offering a full suite of data protection and privacy legal and compliance solutions and associated non-reserved legal services. Our clients operate globally in a wide range of sectors including health and social care, education, professional services, retail, technology, media and telecoms.
We are market leaders in terms of depth and breadth of experience. Our team of lawyers and DPOs (data protection officers) have decades of experience and sector-specific knowledge between them.
We offer legal risk and compliance consultancy advice that you can trust, but without the burden of administrative duties and expenses that law firms must bear to carry out certain ‘reserved legal activities’, such as litigation, conveyancing and advocacy.
Christina Maclean – Managing Executive
Christina has overall responsibility for the running of GRCI Law. She oversees commercial strategy, client relationship management, product development and new business. She has a track record of driving growth through evidence-based strategy and providing excellent client service. She is a non-practising solicitor with a background in business development, marketing, communications and broadcast media.
Loredana Tassone – Managing Consultant, Head of EU & UK Representative Service
Loredana oversees operations, service delivery, and management and development of the consultant team. She has more than 15 years’ experience in the fields of privacy rights, data protection and cyber security in both the private and public sectors. She is a specialist in international and European law, and a qualified attorney at law in France and Italy. Based in Brussels, she advises GRCI Law clients on a wide range of data privacy issues. She is a certified GDPR consultant, DPO and trainer, and has worked at the European Court of Human Rights, at the Directorate General of Human Rights and Legal Affairs of the Council of Europe, and for international law firms in the EU.
If you have any queries or you’re unsure of how to progress, please get in touch with our team of experts who will be able to assist with your enquiry and provide guidance options.