What's a EU Representative?

Under the GDPR, an EU representative is a person or organization that is based in the EU and is designated by a non-EU based organization to serve as a point of contact for individuals whose data is being processed, and for the relevant supervisory authority.

The requirement to appoint an EU representative applies to any organization that is not established in the EU but processes personal data from individuals in the EU.

The specific duties and responsibilities of an EU representative can vary depending on the organization and the nature of its activities. However, some common responsibilities of an EU representative include:

  1. Acting as a point of contact for individuals whose data is being processed, and for the relevant supervisory authority, with respect to the processing of personal data
  2. Assisting the organization in meeting its obligations under the GDPR, including responding to requests from individuals and the relevant supervisory authority
  3. Maintaining records of the organization's processing activities, as required by the GDPR
  4. Cooperating with the relevant supervisory authority in the performance of its tasks

It is important to note that the appointment of an EU representative does not relieve the organization of its obligations under the GDPR. The organization remains fully responsible for ensuring that it complies with the GDPR and other data protection laws, even if it has appointed an EU representative.

Definition

What's the legal basis for a processing activity?

To process personal data a valid lawful basis is necessary. There are six available lawful bases for processing:Consent: The data subject has given clear and affirmative consent to the processing of their personal data for a specific purpose.Contract: The processing is necessary for the performance of a contract to which the data subject is a party, or in order to take steps at the request of the data subject prior to entering into a contract.
Definition

What's a subprocessor in the GDPR?

In the context of the General Data Protection Regulation (GDPR), a subprocessor is a third-party service provider that processes personal data on behalf of another organization, known as the data controller. The GDPR sets out specific rules and requirements for the use of subprocessors, including the need for a written contract between the data controller and the subprocessor.
Definition

What's a Privacy Policy?

A Privacy policy is an official document in which you need to sum up the goals and commitments you've settled in terms of privacy and data protection regarding your clients', employees' or customers' personal data. This document is to be published on your website and tool for everyone to see and read, your data subjects, third parties as well as supervisory authorities.

Become GDPR compliant in minutes!

Privacyboard helps you comply with GDPR easily so you can focus on what's really important for your business.
Start for free
Privacyboard

Product

PricingAbout

Ressources

BlogSubprocessorsKnowledge CenterGlossarySupervisory AuthoritiesEmail Templates

Legal

Privacy PolicyCookie PolicySubprocessorsRight RequestsTerms
Made in  🇪🇺  with  ☕️