Representatives in the Union under the GDPR

EU representative according to the GDPR

Request a free consultation
EU representative according to the GDPR

WE SUPPORT YOU IN THE IMPLEMENTATION OF THE GDPR SPECIFICATIONS

Do you need an EU representative under the GDPR?

Controllers or data processers who are not established in the EU are required to have an EU representative:

  • Do you offer products or services within the European Union?
  • Does your company process the personal data of EU citizens outside of the EU?
  • Do you monitor your products or services and evaluate the behaviour of persons within the EU?

If you answered “yes” to any of these questions, according to the General Data Protection Regulation (GDPR) you are required to have an EU representative.

Request a free consultation

Representation in accordance with the GDPR in Germany

Our services as your EU representative under the GDPR

Cooperation with supervisory authorities

Once appointed as an EU representative, we are the central contact point for inquiries from the German supervisory authorities regarding your company's compliance with the GDPR.

Contact point for data subjects

As your EU representative we are your contact for inquiries and complaints as data subjects in connection with the processing of personal data by your company.

Support in the implementation of the GDPR

We will be in close contact with the data protection controllers of your company and will implement the GDPR requirements together in accordance with the law.

Use of the data protection software

On request, we help our non-European companies with our multilingual Robin Data Software to efficiently and pragmatically meet the requirements of the GDPR.

Which companies require a representative in the Union?

 

The data of European Union citizens are internationally subject to the European General Data Protection Regulation. Since the European Union is an important economic region in the world, many companies outside of the EU do business within EU. In this context these companies process the personal data of EU citizens. The processing is carried out worldwide according to the so-called "Marketplace principle".

Article 3 paragraph 2 GDPR and Recital 23 thereof specifically stipulate that the personal data of EU citizens processed outside the EU must be protected in accordance with the rules of the GDPR.  This means that non-European companies that process data of EU citizens outside of the EU must also comply with and implement the GDPR.

Robin Data provides representation in Germany for non-European companies in accordance to Article 27 GDPR.

 

Request a free consultation

 

EU representatives are important contact points for data subjects


Above all, the GDPR improves the rights of data subjects regarding transparency on the processing and deletion of personal data. Furthermore, the GDPR requires that the security of the processing be state-of-the-art and in accordance with Article 32 GDPR.

Data subjects must have the option to voice concerns and complaints about data protection to a specific contact point. The GDPR stipulates that data subjects may assert their rights in regard to companies, including those outside the EU, either directly or through the appropriate supervisory authorities.

For this reason, Article 27 paragraph 1 GDPR states that non-European companies that process the data of EU citizens must appoint an EU representative to act as a central contact for data subjects and supervisory authorities.

 

Non-European companies which process the personal data of EU citizens

Examples for companies that require an EU representative under the GDPR

Medical treatment in Turkey

The cosmetic surgery industry is flourishing in Turkey. Due to the attractive costs, Turkish medical practices are often frequented by customers from the EU. For these customers, the respective practices are required to implement the GDPR. Regardless, it makes sense to protect sensitive medical data as effectively as possible. The implementation of the worldwide “gold standard” for data protection, the GDPR, is a clear competitive advantage.

Software as a Service (SaaS) providers from the USA

SaaS products from the USA such as computer games and professional business software are popular in the EU. As early as during the trial registration for SaaS products, personal data is collected by the provider and processed in accordance with Article 4 paragraph 2 GDPR. The GDPR also applies to this data even if the server is located in the USA. The provider must implement the GDPR.

Our offer

Appoint Robin Data as your EU representative under the GDPR

Robin Data provides representation in Germany for non-European companies and takes on mandates as EU representatives in accordance to Article 27 GDPR.

Request a free consultation
 EU representative under the GDPR

Appoint us as your EU representative under the GDPR!

We will support you as your EU representative. Contact us now!