As the author of this agreement with your EU representative, you can insert a clause stipulating where disputes are heard. If you started your activities before the RGPD and you have processed the data of European citizens, you may already have to appoint a representative. Since you will not have a base within the EEA after the end of the transitional period, the RGPD requires you to appoint a representative to the EEA. This representative must be established in an EU or EEA member state, where some of the people whose personal data you treat in this way are located. Therefore, if you know that a staff member, for example, lives in the UK or in an EU Member State where your company operates, they could become a British data protection representative or a representative of the EU RGPD. If you are a processing manager outside the EU, but you offer goods or services (including free) to EU users or monitor their behaviour as long as it takes place in the EU, you must appoint an EU representative based in one of the EU countries where your users are based. One of the lesser-known but still important obligations to which non-resident organisations in the EU, in accordance with the EU General Data Protection Regulation (GDPR), is in Article 27, which is rightly referred to as `representatives of processing managers or subcontractors who are not established in the Union`. Of course, we are not talking here about the American civil war – organisations that are regulated by the RGPD, but which are established outside the EU, must formally appoint a representative in the European Union to represent them on data protection. In addition to appointing an EU representative, you must also write a letter confirming the appointment of your representative. If people GDPR-Rep.eu contacting requests to your business, GDPR-Rep.eu deals with personal data for your business. The data processing contract for this type of processing is attached to your engagement letter, which is made available to you during the onboarding process. Public authorities and public bodies are also not required to have an EU representative.
You must in writing authorise the representative to act on your behalf with regard to your compliance with the EU RGPD and to deal with all supervisory authorities or anyone concerned in this regard.