What is an Authorized EU Representative?
Your representation and liaison point to EU-Data Protection Authorities (EDPA) and EU-data subjects.
GTK Data will take on all communication with EU-Data Protection Authorities (DPAs) and EU-data-subjects. We keep your records of processing activities on file and will check with you for regular updates.
Pursuant to Article 27 of GDPR your EU-Representative must be located in one country of the EU where your company processes personal data or where data-subjects whose data you process live or stay.
When do you need an Authorized EU Representative?
You may need an Authorized EU Representative if you offer goods or services to customers in the EU. We offer a legal assessment in a personal conversation free of charge - done by a certified data-specialist.
You go through our questionnaire in a phone call with a certified data-specialist.
If you prefer email-communication please send your request here:
Very limited exemptions apply:
Do you need an Authorized EU Representative?
If your company is located outside the EU there are 3 questions:
If you answer is YES to one of the questions and you don´t have a presence in Europe you need to appoint an Authorized Eu Representative.
This obligation applies to data-controllers and data processors.*
* Very limited exemtions apply:
No EU representative needs to be appointed if the processing is occasional, does not include – on a large scale – special categories of data (Art. 9 GDPR) or processing of personal data relating to criminal convictions and offences (Art. 10 GDPR) and is unlikely to constitute a specific risk due to the nature, context, scope and purposes of the processing. These conditions need to apply cumulative.
Also, public authorities or bodies do not need to appoint an EU representative.
Who is GTK Data?
GTK Data is your specialist for providing
EU Representation services to UK and all Non-EU companies.
GTK Data is a specialist for EU Representation. We also offer UK Representation through one of our partners.
We are certified Data Protection Officers with qualifications as Lawyers in Germany, Solicitors in England and Wales and certifications by the Technical Control Board of Germany (TÜV) and the Academy of the Chamber of Commerce (IHK Akademie Koblenz).
We offer representation services for all Non-EU companies in the EU (and in the UK), for EU companies to have a representation in the UK and for UK companies to have a representation in the EU.
GDPR has opening clauses and different languages which vary from country to country.
GTK Data will help you to keep up with the challenges of this legal and language situation.
We will communicate with you in English and with the EU countries in the local official language.
Why do you need a Foothold in the EU-market?
GDPR requires that you have a legal basis in the EU for your business, either an establishment or an EU Representative.
The EU Representative is your legal foothold in the market and a mandatory liaison point with Regulatory Authorities.
With GTK Data you do not need to open a subsidiary in the EU.
You run your business, GTK Data will do the administration with regards to matters GDPR.
Requests from and communication with the EDPAs (European Data Protection Authorities) will be much easier and more cost-efficient for you with us representing your company in the EU.
In this respect the EU-Representative is the extended arm of your Non-EU company’s customer service.
Are you compliant with Article 27 GDPR?
If you process personal data of EU data-subjects – either as a controller or a processor – you need a representative in an EU-country. Only one representative in the EU is required.
Article 27 of GDPR is about representatives of companies, controllers and processors, not established in the European Union.
These companies have to appoint an EU-based representative to be their European point of contact for individuals and local data protection authorities.
The reason of the processing may be the monitoring of data subjects or the offering of goods or services to these subjects.
Please note: GDPR applies whether goods or services are free of charge or not. In all these cases you must appoint an EU Representative.
GDPR grants individuals (data-subjects) the right to access their data from data controllers and data-processors through a Data Subject Access Request – DSAR.
GTK Data also acts as your Representative for EU data subjects and their requests.
GDPR protects the data of all citizens of and in the EU.
GDPR applies to these data wherever the processing of the data takes place.
In this respect GDPR is applicable worldwide.
GDPR not only covers your customers but also potential customers if you collect or process their data. (Article 3 Paragraph 2 GDPR and the Recital 23).
In consequence even if your company is established in the European domestic market, but your vendors and data-processors are located in a third country you must ensure that your vendors and data-processors appoint an EU Representative.
Do you want to concentrate on your business?
With GTK Data you can do your business, control risks and costs.
Full support all-in for a fixed monthly fee.
With an EU-Representative you will not have to worry about administrative requirements set up under GDPR. Our clients book one of our Three Plans***link and GTK Data will assist with all commitments of the GDPR. We will keep you updated on all changes regarding GDPR and other data-protection regulations that might have an impact on your business activities.
We offer this service on a controlled-cost basis including all extras for a fixed monthly fee.
How can you cooperate with Data Regulatory Agencies?
Requests from EU-Data Protection Authorities, Data subjects and all other administrative obligations of GDPR are covered.
GTK Data will handle all requests from EU-data subjects and EU-Data Protection Authorities as well as assist you with data access requests from individuals under GDPR.
Remember the 72 hrs time-frame for communicating a data-breach!
GTK Data will- in accordance with Article 30 of the GDPR – assist you in setting up records of your processing activities.
We will keep your records of processing activities on file und regularly maintain your procedure listings.
Requests from and communication with the EU-Data Protection Authorities will be easier and more cost-efficient for you with GTK Data and your EU Representative.
How can you avoid fines?
Organisations in breach of GPPR can be fined up to 4% of annual global turnover or 20 Million Euro. Don’t let that be you!
Make sure you have an EU Representative!
Be careful – Avoid fines!
All companies that are in breach of GDPR risk to be fined 20 Million Euros or 4% of their annual worldwide turnover (whichever is greater).
With or without an EU Representative all companies under the scope of GDPR are fully responsible and fully liable regarding their processing of personal data.
With regards to GDPR the designation of an EU Representative is a MUST.
The representative is a mandatory liaison-point who will facilitate your situation with Regulatory Authorities and help you to concentrate on your business.
AND PLEASE NOTE:
It may just be a matter of time until a fine is imposed on a non-EU company for failure to appoint an EU-Representative.
You do not want to be the first!
© 2022 GTK Data GmbH