EU representative

If you, as a company, offer goods and/or services to end customers in the EEA, you must appoint a local contact person for data protection issues. This allows data protection authorities in the EU to contact their EU representative for data protection issues.

Since the EU representative must be based in the EU, he is therefore also subject to EU law and cannot evade the authority. The representative must provide certain documentation upon request. For example, he must keep a record of processing activities.

Note: It is still the responsibility of the person responsible (i.e. your companies outside the EU) to maintain/create the processing register.

Another reason why the European legislator requires a representative in the EU in Article 27 of the GDPR is that European end customers have a position within the EU to which they can contact if they have data protection issues.

Both a legal person (company) and a natural person can be appointed as EU representatives. The use of a natural person is not recommended here because as a result, the person's registration address must be provided in the data protection policy. In the case of a legal entity, this would be the business address.

We take on the role of EU representative through our company in Munich. In doing so, we keep a list of processing activities on site and are available as a point of contact for inquiries from the EU.

In brief: SIDD's EU representative forwards inquiries from the EU to your company and keeps a list of local processing activities.

If you would like advice on specific inquiries, we can offer this on an hourly basis. We recommend the EU representative in combination with the SIDD Datenschutzberaterin (Schweiz) or Datenschutzbeauftragter (EU) to use.