What is a representative under GDPR? Why do I need one? What do they actually do? Are these questions familiar to you? Does it sound like we are reading your mind? Then join us for this exciting unscripted conversation with Tim Bell, Managing Director of the DPR group - a walking, talking, EU representative.
If a data controller or processor does not have an establishment in any of the member states of the European Union, they have to appoint a representative. This is stipulated by article 27 GDPR. But does this really happen? The EU Member States seem to have concerns. In their evaluation report of the GDPR, they say it is uncertain to what extent controllers and processors from third countries have complied with the Representation obligation.
Apparently, there are cases where a representative has not been designated. Reason enough to dive a bit deeper into this topic and discuss the role of the representative and how to appoint one. In this podcast, we address a variety of topics such as the complexities of current EU representatives established in the United Kingdom and what that means for companies who will need a UK representative in the EU or vice versa.
Resources and Social Media
LinkedIn (company): https://www.linkedin.com/company/18312118
Hamburg DPA Investigation: https://datenschutz-hamburg.de/assets/pdf/27._Taetigkeitsbericht_Datenschutz_2018_HmbBfDI.pdf (p. 52/53)
EDPB Guidelines on Territorial Scope: https://edpb.europa.eu/our-work-tools/our-documents/guidelines/guidelines-32018-territorial-scope-gdpr-article-3-version_en
As always, if you have comments or questions, find us on LinkedIn, Twitter @podcastprivacy @euroPaulB @heartofprivacy and email firstname.lastname@example.org. Rate and Review us! #heartofprivacy #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO