Accredited Member Employees

Corporate Accreditation

Accredited Member Employees

Corporate Accreditation

Accredited Member Employees

Corporate Accreditation

Market leading, cost-effective UK and European GDPR Article 27 Data Protection Representation Services

If you’re looking for a data protection representative that complies with GDPR Article 27 in the United Kingdom or Europe… we’re here for you

We’ve built our “Brexit proof” representative services with flexibility and cost-effectiveness in mind. We’re confident you won’t find better value.

Request a Free Consultation

We offer businesses UK and EU Representatives to ensure they comply with GDPR laws - Article 27

GDPR representative services are required by businesses that are based outside of the UK and / or EU, but sell products and services, or monitor the behaviour of individuals there.

Appointing a GDPR EU representative can prove difficult for many businesses, especially those that are placing the trust with someone external to their business, or those who may be limited due to budget constraints.

Whilst we appreciate the position many businesses across the globe find themselves in, they are often unaware that they are breaching data protection regulations that carry hefty fines of up to €20,000,000 or 4% of their annual global turnover.

Get a Quote Now

We're global, and can represent you no matter where you're based

In addition to our special representation packages, all of our training , support and support packages are available on a global basis.

No matter where you’re based, we have an in-depth knowledge of the data protection regulations you’re already complying with.

Wherever you’re based, trust TDW to bring you up to speed, protect your business and help you to protect your clients’ data.

Request a Free Consultation

All of our Representative packages include:

Unlimited contacts from data subjects who want to exercise their subject rights.

We’ll provide you with a Certificate so you can demonstrate compliance with Article 27.

We’ll let you use our contact details on your website and literature.

Unlimited contact and liaison between any regulator and your organisation.

We’ll keep you up to date with all regulatory guidance, enforcement and developments.

You will have access to our team of global data protection experts for phone support.

Unlimited Data Breach Support, guidance and reporting if required.

We will qualify contacts and only involve you when we have to, saving you time.

Get in touch

Our GDPR EU Representative Packages

We help businesses of all sizes comply with Article 27 of the General Data Protection Regulation, by appointing a local representative in the UK and / or EU states they operate in.

The role of a UK / EU representative is to act as a liaison between individuals and the data protection authorities, ensuring a business is compliant and protected should a breach occur.

Our GDPR representative services offer this and much more. We will ensure you’re registered with all of the relevant data authorities, handle any breach reporting and management, provide training to your non-EU based staff if applicable, and more.

With local representatives in every state within the EU, your company can become compliant with Article 27 incredibly quickly, ensuring you’re never at risk of the €18 million or 4% of company turnover fines that the authorities can impose.

  • Representative services in the UK, EU or both territories
  • Local Representative – registration with authorities.
  • Breach Reporting
  • Help to create a record of processing activities
  • Training if required
  • GDPR compliant Salpo CRM if required
  • Annual Audits
  • Third party processor guidelines.

Do you need a GDPR / RGPD representative?

In essence, if you are based outside of the UK and / or EU and use the personal data of people within the UK or European Union to sell to them and monitor activity, you must appoint a local representative based in that territory. We are based in Manchester UK and Amsterdam, so we can represent you across the UK and Europe.

This includes companies that offer products for free, as the processing of data takes place which could result in a subject access request or a breach of regulations.

What are the duties of a representative?

The role of a European representative is very different to that of a Data Protection Officer.

Becoming a data protection officer within your organisation is a much more hands-on role, where the DPO assists in the compliance of GDPR, carrying out audits, ensuring policies are communicated and implemented, for example. We can be your Data Protection Officer in addition to your representative.

In comparison, a GDPR Article 27 Representative acts as a liaison between subjects and the local data authority. They essentially make the process of dealing with any issues or implementation of guidance much simpler, as they can communicate with subjects in local languages and have a more in-depth knowledge of the authorities in their area.

How do you hire a GDPR representative?

Article 27 of the GDPR / RGDP states that the appointment of an Article 27 representative must be made in writing.

This should create a clear agreement of what the rights and obligations of the representative will be, establishing how the European representative will handle the liaison between subjects and authorities, plus manage the implementation of the company’s data processing policies.

Because the responsibility of a RGDP / GDPR representative differs from that of a DPO, it isn’t a requirement that they are specifically trained in terms of local law & GDPR, however for them to carry out their position effectively, communication and understanding is essential.

This is why many businesses turn to outsourcing their EU representation, where locally-based experts who are knowledgable regarding laws and authorities, can notify the business of any issues that need their attention whilst taking much of the hard work away from them.

Request a Free Consultation

To what extent can the representative be held liable?

When you’ve appointed an Article 27 representative, they should be held accountable for meeting the regulatory obligations of processing data particularly when it comes to residents of the EU.

This liability includes enforcement notices and actions by the data protection authorities, should there be an instance of non-compliance, but your representative cannot be made liable for penalties. You are always legally responsible for any penalties yourself.

Do I need a representative in every state that my business sells to?

Do you deal with customers in more than one of the member states?

You don’t need to appoint a GDPR representative in each of the territories, instead, you can appoint one in a country of your choosing. Our European Office is in Amsterdam so we can represent you across Europe from there and our UK office is in Manchester so we can represent you in both territories.

It may be necessary if there’s a ‘no deal’ Brexit to appoint a representative in both the UK and EU

It's not just about GDPR

Univate are experts in Global Data Protection, we can support you with all Global Data Protection Regulations, guidance and transfer mechanisms.

The General Data Protection Regulation (GDPR) is just one of the regulations in Europe together with the Privacy and Electronic Communications Regulation (PECR) and the ePrivacy Regulations and in the UK there is also the UK Data Protection Act 2018. Don’t risk your compliance with a firm that doesn’t cover all the regulations.