EC Representative | EC REP | EU REP

EC-Representatives EC REP

Data Business Services provides you with all the services of an EC-Representative for data protection. With Data Business Services as your EC-Representative you can be sure that your company is set for complete GDPR compliance. And with an EC-Representative in Europe, you are prepared for all European privacy inquiries that may arise.

If you do not have a registered office in the EU, you probably still need an EC-Representative. Why? Because you are likely to lose business and perhaps even risk being imposed a fine. One of the rules of the EU-GDPR is the necessity to appoint an EC-Representative when conducting business in the EU, regardless of your company’s location.

Do I need an EC-Representative | EU-Representative GDPR?

  • Do you offer goods or services to customers or clients in the EU?
  • Do you monitor the behavior of people in the EU?

If the answer to one of these questions is YES, then you must appoint a representative according to the EU-GDPR, especially if your company does not have any physical presence in Europe. Exception: If you are processing personal data only occasionally and if so, then without any risk to the rights and freedoms of natural persons. However, the scope for applying this exception is rather small especially for online companies, as most of them rely heavily on the usage of personal data.

Which duties does an EC-Representative have?

The representative is assigned by the company’s executive/s or its leading data processor, to act as contact person, especially for inspecting authorities, answering all inquiries on his/her behalf that may arise concerning the compliance with the data protection regulations. Thus, the representative is an appointed agent for receiving legal documents and a spokesperson for inquiries by authorities as well as individuals from the EU.

Whom can I appoint as my EC-Representative?

The appointed representative must be a resident in one of the EU member countries, in which the data processing occurs. He/she must be a natural person or legal body, who is appointed in writing by a supervisor or processor according to Article 27. A legal body is a natural, juristic or other person, who has rights and is bound to responsibilities. The representative does not necessarily have to be a lawyer or data protection professional.

However, as the representative is obligated to communicate with authorities as well as affected individuals regarding a multitude of legal questions, it is highly advisable that the representative knows all GDPR guidelines very well. Additionally, the EC-Representative should have a sound understanding of all data processes within your company – what and how your company uses data. Ideally the EC-Representative has relevant experience in dealing with authorities in the areas of regulation and compliance. The EC Representative provided by Data Business Services is a specialized data privacy lawyer located in Germany.

How to appoint a representative?

The representative needs to be assigned in writing. The mandate should include the actual functions and duties of the representative. At this point, the respective authority does not need to be informed about the appointment. However, you must mention the representative in your information for the affected individuals (normally your company’s privacy notice) as well as in the report of your data processes.

What happens, if I fail to appoint a representative?

Ignoring the regulation can result in fines of up to € 10 million.

What can Data Business Services do for me?

Data Business Service assumes the representation according to Art 27 EU-GDPR for companies that are not based in the EU, especially those from the United States and the Asian Pacific region.

Order an EC Representative