Search

UK Representative
required in terms of the UK GDPR

Our experts liaise with the ICO and data subjects in the UK on your behalf. You meet your UK GDPR obligations.

UK representative
required in terms of the UK GDPR

Our experts liaise with the ICO and data subjects in the UK on your behalf. You meet your UK GDPR obligations.

Two lawyers from activeMind.legal talk about necessary data protection measures for a client

Does your company need a UK representative?

Most non-UK businesses need a UK representative according to the UK GDPR.

If your company does not have an office or establishment in the United Kingdom (UK), but conducts business with UK clients you may have to appoint a UK representative.

Under Art. 27 of the UK GDPR (United Kingdom General Data Protection Regulation) you must appoint a UK representative if you process personal data in the following contexts (regardless of whether you are a controller and processor):

  • offering goods or services to individuals in the UK (irrespective of whether or not the services are free of charge), or
  • monitoring the behaviour of individuals in the UK.
Enquire now!

What will a UK representative do for your company?

The UK representative empowers your non-UK based business to be UK GDPR compliant.

The UK representative will essentially do three things for you: Communicate on your behalf with data subjects in the United Kingdom, be a contact point for the Information Commissioner’s Office (ICO), and maintain your records of processing activities (ROPA) and make these records available to the ICO upon request. The ICO is the data protection supervisory authority for the UK.

Enquire now!
Two activeMind-legal employees discuss a data protection case

How do I choose the best UK representative?

An UK representative qualifies themselves through their expertise and communication skills.

A UK representative can be an individual, a company or an organisation established in the UK (e.g. a law firm, consultancy or private company).

The UK GDPR does not specify the minimum qualifications a UK representative must hold. However, it is strongly advisable to consider a representative that has a broad understanding of both legal and technical data protection issues to ensure efficient communication with the ICO.

Enquire now!

4 good reasons to choose an activeMind.legal expert as your
UK representative

Specialist lawyers

Our representative services are provided by a team of expert lawyers with in-depth experience of data protection holding data protection and information security certifications.

Broad experience

We have broad experience of working with EU and UK regulators and responding effectively to more complex interactions with data subjects. We also help our clients in the EU and the UK with processing records on a regular basis.

Additional support

We advise on all questions relating to UK data protection law and regulatory compliance and can help you to set up a data protection management system (DPMS).

One-stop shop

If your company does not have an office or other establishment in the UK or in the EU we can offer you both services as a one-stop shop: UK representative and EU representative required under the GDPR.

Free enquiry

Please provide us with some information about your company. We will contact you within two working days with an individual offer for your UK representative.

Full details of how we handle your data can be found in our privacy policy.

Frequently asked questions about the UK representative

Art. 27 UK GDPR requires companies that do not have offices, branches, or other establishments in the UK (non-UK businesses), but conduct business with UK clients, to appoint a UK representative. Specifically, you must appoint a UK representative if your organisation processes personal data in the following contexts:

  • offering of goods or services, irrespective of whether payment is required, to data subjects in the UK; or
  • monitoring the behaviour of individuals in the UK.

This obligation applies to both data controllers and data processors.

A UK representative serves as a contact point between your company and individuals or the data protection authority in the UK. A UK representative therefore acts on your company’s behalf with regard to your obligations under the UK GDPR. Furthermore, the representative maintains your records of processing activities and makes these records available to the supervisory authority upon request.

UK representatives can be external service providers. The role can be performed by individuals or organisations, such as law firms, consultancies, or other private companies, as long as they are based in the UK.

The UK GDPR does not specify the minimum qualifications a UK representative should hold. However, it is advisable to appoint a representative that has a broad understanding of the relevant legal and technical data protection issues in order to be able to communicate with the authority efficiently. Furthermore, as a UK representative serves as the contact point between your company and data subjects or the authority, it is thus essential that the representative speaks the local language fluently.

How much you can expect to pay for a UK representative under the UK GDPR depends on several factors, for example, the size of your company, the number of employees, what data you process and how data subjects are affected. These all influence the amount of queries and attention from the supervisory authority your company may expect to receive. Furthermore, the costs for a UK representative are influenced by how much support you may need in creating and maintaining the necessary data protection documents (especially the records of processing activities – ROPA).

activeMind.legal UK Ltd. is a London-based law firm specialising in data protection law and related areas of law.

activeMind.legal UK Ltd.
No 1 Royal Exchange
London, EC3V 3DG

Law firm

Authorisation

Authorised and regulated by the Solicitors Regulation Authority with SRA ID 659582

Services

Resources

Legal

Group

© 2022-2024 activeMind.uk

powered by rethink digital & KLEINWERKSTATT