Restricted Country Transfers
Workshop with Legal Experts
Learn how to transfer personal data to restricted countries in a UK GDPR compliant manner. A tailored workshop with data protection experts.
Are restricted country transfers relevant to my business?
Data transfers to restricted countries, such as the US, are almost unavoidable for UK companies.
The use of different software or the use of special services only provided by service providers in these countries necessitate these transfers for many companies.
The regulations of the UK GDPR are intended to ensure that personal data continues to be subject to a high standard of data security and to protect data subjects and companies. Experienced expertise is needed to select and implement the right measures in order to ensure a restricted transfer is UK GDPR compliant.
In a workshop with the relevant responsible persons in your company, our experts will define your transfers and provide you with the necessary tools to be UKD GDPR and PDA 2018 compliant.
The Restricted Country Transfers Workshop
In a workshop, we explain the legal background of intra- and extra-European data transfers to those responsible in your company.
We will show you how you can map and document your exact data flows and react accordingly. We will discuss the various measures with you and provide you with the necessary tools to take the right measures for current and future data transfers, such as the International Data Transfer Agreement, and thus be data protection compliant.
Conducting data protection compliant transfers and understanding the legal context will offer you a competitive advantage when negotiating with service providers, offering your services to customers or working with partners abroad.
4 good reasons to book your workshop with activeMind.legal UK Ltd.
Please provide us with some information about your company. We will contact you within two working days to discuss the details of a workshop with your company and provide you with a quote therefore.
The quote will naturally contain a non-disclosure agreement so you may be sure that our experts, while already subject to professional privilege, will maintain the utmost confidentiality.
Frequently asked questions about the EU representative required under the GDPR
Art. 27 GDPR (General Data Protection Regulation) requires companies that do not have offices, branches, or other establishments in the EU (non-EU businesses), but conduct business with European clients, to appoint an EU representative. Specifically, you must appoint an EU representative if your organisation processes personal data in the following contexts:
- offering goods or services to individuals in the EU, or
- monitoring the behaviour of individuals in the EU.
This obligation applies to both data controllers and data processors.
An EU representative serves as a contact point between your company and individuals or data protection authorities in the EU. An EU representative therefore acts on your company’s behalf with regard to your obligations under the GDPR. Furthermore, the representative maintains your records of processing activities and makes these records available to supervisory authorities upon request.
EU representatives can be external service providers, and the role can be performed by individuals or organisations, such as law firms, consultancies, or other private companies. They must be based in one of the countries where customers or data subjects that are being monitored are located or where your goods or services are being offered.
The GDPR does not specify the minimum qualifications an EU representative should hold. However, it is advisable to appoint a representative that has a broad understanding of the relevant legal and technical data protection issues in order to be able to communicate with the authorities efficiently. Furthermore, as an EU representative serves as the contact point between your company and data subjects or authorities, it is thus essential that the representative speaks the local language fluently.
How much you can expect to pay for an EU representative under the GDPR depends on several factors, for example, the size of your company, the number of employees, what data you process and how many locations in how many countries you have. These all influence the amount of queries and attention from supervisory authorities your company may expect to receive. Furthermore, the costs for an EU representative are influenced by how much support you may need in creating and maintaining the necessary data protection documents (especially the records of processing activities – ROPA).