EU representative according to the GDPR
Does my company need an EU representative?
If your company has no offices, branches or other establishments in the EU, yet conducts business with European clients you have to appoint an EU representative. Specifically, under the GDPR, you must appoint an EU representative if you process personal data in the following contexts:
- the offering of goods or services to individuals in the EU (irrespective of whether they are free of charge), or
- the monitoring of behaviour of individuals in the EU (as far as their behaviour takes place within the EU).
This obligation applies to both, controllers and processors.
What will the EU representative do for me?
The EU representative is your local liaison with the data subjects and the supervisory authorities. Thus, the representative acts on behalf of the controller or the processor with regard to their obligations under the GDPR.
The EU representative also maintains your records of processing activities (ROPA) and makes these records available to the supervisory authorities upon their request.
How can I choose the best EU representative?
EU representatives may be external service providers, either individuals or organizations, such as law firms, consultancies, private companies etc. They must be based in one of the countries where your customers or monitored data subjects are located.
The GDPR does not specify the minimum qualifications EU representatives must hold. However, it is strongly advisable to consider a representative that has a broad understanding of legal and technical data protection issues in order to be able to communicate with the authorities efficiently.
Furthermore, as a contact point between the company and data subjects or authorities, knowledge of local languages is necessary.
4 good reasons why you should choose activeMind.legal as your EU representative
We are a well-established law firm with offices in Berlin and Munich. Our lawyers and experts have many years of experience and various data protection and data security certifications.
We have broad experience in dealing with local authorities in the EU, as well as with data subjects. We also assist our clients with processing records on a daily basis.
Our international team speaks 10+ European languages and knows the data protection laws of many EU countries in detail.
If necessary, we can help you with all questions about EU data protection law and support you in setting up a data protection management system (DPMS).