Data Protection Representative - Art. 27 GDPR
Most companies outside of the European Union (EU) that process data of EU citizens and do not maintain an establishment within the EU have to designate a representative according to art. 27 of the General Data Protection Regulation (GDPR).
DURY can help you to decide if you need a EU representative acc. to art. 27 GDPR. We may as well become your designated EU representative. We offer our service in English, French and German.
Who needs a GDPR data protection representative within the EU?
Controllers and processors alike have to designate a EU representative if they process data of EU citizens and do not maintain an establishment within the EU. This is regulated in art. 27 of the GDPR. Recital 22 of the GDPR further explains what an "establishment" ist:
"Establishment implies the effective and real exercise of activity through stable arrangements. The legal form of such arrangements, whether through a branch or a subsidiary with a legal personality, is not the determining factor in that respect."
What are the duties of a EU data protection representative?
The EU data protection representative is acting as an adressee for all matters of data processing for the purposes of ensuring compliance with the GDPR, in particular though for communication with supervisory authorities and data subjects.
If you are unsure if you need to designate a EU representative for data protection, we can help. DURY also can act as your designated data protection representative. Please contact us for further information and for requesting an offer.
Our data protection team is at your service.