Representative

Representative

Do you need a representative?

If you are a controller or processor located outside of the UK you will need a GDPR Representative.

If you are not based in the UK and are offering goods or services to people in the UK, irrespective of whether or not they are paid for or if you are monitoring the behaviour of people in the UK, then you are likely required to comply with the UK GDPR. If you don’t have any establishments in the UK then you are required, subject to a few exemptions, to designate a Representative. The obligation applies to both controllers and processors.

A Representative is simply a local point of contact for the ICO: someone to represent your interests if the ICO or anyone else wants to contact you about the processing you undertake.

DPP is a trusted GDPR consultancy practice with many years of experience working with British data laws.

We can guide you through the process of determining if you need to appoint a representative and we can act as your representative if you need to appoint one whether you are in the US, India, China, or the EU.

Representative

What are the exemptions?

There are a few reasons why you may be exempt from having a Representative for example you do not need to appoint a representative if either: you are a public authority; or. your processing is only occasional, of low risk to the data protection rights of individuals, and does not involve the large-scale use of special category or criminal offence data.

If you are still unsure whether the law applies to you, we are happy to give you some guidance.