{"id":2356,"date":"2022-12-14T13:04:30","date_gmt":"2022-12-14T11:04:30","guid":{"rendered":"https:\/\/aiternalex.com\/?p=2356"},"modified":"2022-12-14T13:13:47","modified_gmt":"2022-12-14T11:13:47","slug":"when-is-the-eu-representative-required-under-gdpr","status":"publish","type":"post","link":"https:\/\/aiternalex.com\/en\/privacy-en\/when-is-the-eu-representative-required-under-gdpr\/","title":{"rendered":"When is the EU representative required under the GDPR?"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"2356\" class=\"elementor elementor-2356\">\n\t\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4817103f elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4817103f\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-447414cd\" data-id=\"447414cd\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5e3c21ad elementor-widget elementor-widget-text-editor\" data-id=\"5e3c21ad\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.9.2 - 21-12-2022 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#818a91;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#818a91;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<p class=\"p2\"><span class=\"s1\">Perhaps not everyone is aware that <b>Article 27 of the GDPR requires the appointment of a European representative to companies located outside the EU and carrying out data processing activities of European citizens.<\/b><\/span><\/p><p class=\"p2\"><span class=\"s1\">In brief, the representative&#8217;s role is to act as a point of contact between the data controller, located outside the territory of the EU, and national data protection authorities and data subjects.<\/span><\/p><p class=\"p2\"><span class=\"s1\">As an obligation imposed only on non-European companies, it is not surprising that, within the European Union, this regulatory imposition had never been given particular importance.<\/span><\/p><p class=\"p2\"><span class=\"s1\">Nonetheless, <b>companies that fail to comply with this requirement can often face large fines.<\/b><\/span><\/p><p class=\"p2\"><span class=\"s1\">Inside this article we try to answer some of the most frequently asked questions about the EU representative.<\/span><\/p><h3 class=\"p2\"><span class=\"s1\"><b>What is the role of an EU representative under the GDPR?<\/b><\/span><\/h3><p class=\"p2\"><span class=\"s1\">The role of an EU representative under the General Data Protection Regulation (GDPR) is <b>to act as a point of contact for EU data protection authorities and individuals whose personal data is processed by the non-EU based organization that the representative is representing<\/b>. Although the representative is not responsible for the organisation&#8217;s compliance with the GDPR and may still be required to cooperate with and assist the DPAs in carrying out their tasks. This includes responding to inquiries from individuals whose personal data is processed by the organization and providing information to data protection authorities when requested. The EU representative is also responsible for ensuring that the organization keeps records of its processing activities, and for making those records available to data protection authorities upon request.<\/span><\/p><h3 class=\"p2\"><span class=\"s1\"><b>Should my company appoint an EU representative?<\/b><\/span><\/h3><p class=\"p2\"><span class=\"s1\">Whether a company is required to appoint an EU representative under the General Data Protection Regulation (GDPR) depends on several factors. The GDPR requires non-EU based organizations that:<\/span><\/p><ul class=\"ul1\"><li class=\"li2\"><span class=\"s1\"> offer goods or services to individuals in the EU, or<\/span><\/li><li class=\"li2\"><span class=\"s1\">that monitor the behavior of individuals in the EU,<\/span><\/li><\/ul><p class=\"p2\"><span class=\"s1\">to appoint an EU representative if they do not have a physical presence in the EU. <\/span><\/p><p class=\"p2\"><span class=\"s1\">According to the EDPB guidelines (guideline 3\/2018), there are several factors that need to be considered in order to determine whether a company is offering its goods or services to individuals in a particular territory within the EU. Some of these factors are:<\/span><\/p><ul class=\"ul1\"><li class=\"li2\"><span class=\"s1\"><b>using the languages of a specific region<\/b> or offering payments in the currency of that region;<\/span><\/li><li class=\"li2\"><span class=\"s1\">using Google, Facebook or TikTok ads to target a specific market, or <b>any <\/b>other<b> marketing activity directed at customers in that market<\/b>;<\/span><\/li><li class=\"li2\"><span class=\"s1\">the <b>use of top-level domains in that market<\/b>;<\/span><\/li><li class=\"li2\"><span class=\"s1\"><b>offering delivery of goods to individuals in the European region<\/b>.<\/span><\/li><\/ul><p class=\"p2\"><span class=\"s1\">Furthermore it is important to note that the <b>GDPR applies to organisations of all sizes<\/b>, so even if your company is small, you may still be required to appoint an EU representative. It is always best to consult with a legal advisor to determine whether your company is required to appoint an EU representative.<\/span><\/p><h3 class=\"p2\"><span class=\"s1\"><b>What happens if I do not appoint an EU representative under the GDPR?<\/b><\/span><\/h3><p class=\"p2\"><span class=\"s1\">If a non-EU based organization that is required to appoint an EU representative under the General Data Protection Regulation (GDPR) does not do so, it may be subject to penalties and fines. <b>The GDPR provides for a range of administrative fines, including fines of up to 20 million euros or 4% of the organization&#8217;s global annual revenue, whichever is greater, for violations of certain provisions of the GDPR.<\/b> Failing to appoint an EU representative when required to do so could be considered a violation of the GDPR, and could result in the organization being fined. Additionally, EU data protection authorities may take other enforcement actions against the organization, such as requiring it to appoint an EU representative or suspending or prohibiting the processing of personal data. It is important for non-EU organizations to comply with the GDPR and appoint an EU representative if required to do so.<\/span><\/p><h3 class=\"p2\"><span class=\"s1\"><b>How to appoint an EU representative?<\/b><\/span><\/h3><p class=\"p2\"><span class=\"s1\">To appoint an EU representative under the General Data Protection Regulation (GDPR), your company can take the following steps:<\/span><\/p><ul class=\"ul1\"><li class=\"li2\"><span class=\"s1\"><b>Identify an individual or organization based in the European Union<\/b> (EU) that is willing and able to act as your company&#8217;s EU representative.<\/span><\/li><li class=\"li2\"><span class=\"s1\"><b>Have the EU representative sign a written mandate <\/b>that outlines the scope of their responsibilities and the duration of their appointment.<\/span><\/li><li class=\"li2\"><span class=\"s1\"><b>Keep a copy of the mandate on file<\/b>, along with any other relevant documents, such as proof of the EU representative&#8217;s identity and location.<\/span><\/li><li class=\"li2\"><span class=\"s1\"><b>Make the contact information for your company&#8217;s EU representative available <\/b>on your website and in your privacy policy, and provide it to any individuals or data protection authorities who request it.<\/span><\/li><\/ul><p class=\"p2\"><span class=\"s1\"><b>It is important to note that the EU representative must be based in the EU and must be easily accessible to individuals and data protection authorities. <\/b>The representative must also <b>be able to communicate in the language(s) <\/b>used by the individuals and authorities with whom they will be interacting. It is also important to ensure that the EU representative is able to fulfill their responsibilities under the GDPR and <b>is familiar with the organization&#8217;s processing activities<\/b>. You may wish to consult with a legal advisor to ensure that your company&#8217;s appointment of an EU representative complies with the GDPR.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Perhaps not everyone is aware that Article 27 of the GDPR requires the appointment of a European representative to companies located outside the EU and carrying out data processing activities of European citizens. In brief, the representative&#8217;s role is to act as a point of contact between the data controller, located outside the territory of [&hellip;]<\/p>\n","protected":false},"author":9,"featured_media":2360,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[58],"tags":[],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/aiternalex.com\/wp-content\/uploads\/2022\/12\/EU-REPRESENTATIVE-GDPR.png","_links":{"self":[{"href":"https:\/\/aiternalex.com\/en\/wp-json\/wp\/v2\/posts\/2356"}],"collection":[{"href":"https:\/\/aiternalex.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aiternalex.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aiternalex.com\/en\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/aiternalex.com\/en\/wp-json\/wp\/v2\/comments?post=2356"}],"version-history":[{"count":5,"href":"https:\/\/aiternalex.com\/en\/wp-json\/wp\/v2\/posts\/2356\/revisions"}],"predecessor-version":[{"id":2364,"href":"https:\/\/aiternalex.com\/en\/wp-json\/wp\/v2\/posts\/2356\/revisions\/2364"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aiternalex.com\/en\/wp-json\/wp\/v2\/media\/2360"}],"wp:attachment":[{"href":"https:\/\/aiternalex.com\/en\/wp-json\/wp\/v2\/media?parent=2356"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aiternalex.com\/en\/wp-json\/wp\/v2\/categories?post=2356"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aiternalex.com\/en\/wp-json\/wp\/v2\/tags?post=2356"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}