Under Article 27 of the GDPR, a company that targets its good or services into the EU, or monitors EU data subjects, but does not have an EU-based establishment must have an EU-based Representative.
The Representative has the following important responsibilities:
- Acts as the contact point for data subjects and the supervisory authorities in the EU;
- Provides any information the Supervisory Authorities require for the performance of their tasks; and
- Maintains a copy of the Article 30 Record of Processing Activities (RoPA) of the non-EU company.
How do we help?
We offer independent, specialized Article 27 representative support to act as your organization's point of contact for relevant data subjects and supervisory authorities.
Does my organization need to appoint an Article 27 Representative?
Take our self-assessment questionnaire to determine what type of representation you may need.