Article 27 representative services

Under Article 27 of the GDPR, a company that targets its good or services into the EU, or monitors EU data subjects, but does not have an EU-based establishment must have an EU-based Representative.

The Representative has the following important responsibilities:

• Acts as the contact point for data subjects and the supervisory authorities in the EU;
• Provides any information the Supervisory Authorities require for the performance of their tasks; and
• Maintains a copy of the Article 30 Record of Processing Activities (RoPA) of the non-EU company.

How do we help?

We offer independent, specialized Article 27 representative support to act as your organization's point of contact for relevant data subjects and supervisory authorities.

Does my organization need to appoint an Article 27 Representative?

Take our self-assessment questionnaire to determine what type of representation you may need.

Conor Hogan, Global Practice Lead - Privacy, oversees our global practice team of data protection and privacy professionals. His team supports clients from across the world to meet the evolving challenges of privacy and data protection compliance.

Our privacy consultants are members of the International Association of Privacy Professionals (IAPP) and ISACA and cumulatively possess the below industry recognized credentials.