EU representative

An EU representative under the General Data Protection Regulation (GDPR) is a natural or legal person appointed by a controller or processor outside the European Union to ensure compliance with data protection regulations. The EU representative acts as a point of contact for data protection matters and enables people in the EU to effectively exercise their data protection rights.

Do I need an EU representative?

If you, as a company, offer goods and/or services to end customers in the EEA, you must appoint a local contact person for data protection issues. This allows data protection authorities in the EU to contact their EU representative for data protection issues.

Since the EU representative must be based in the EU, he is therefore also subject to EU law and cannot evade the authority. The representative must provide certain documentation upon request. For example, he must keep a record of processing activities.

Note: It is still the responsibility of the person responsible (i.e. your companies outside the EU) to maintain/create the processing register.

Another reason why the European legislator requires a representative in the EU in Article 27 of the GDPR is that European end customers have a position within the EU to which they can contact if they have data protection issues.

Both a legal person (company) and a natural person can be appointed as EU representatives. The use of a natural person is not recommended here because as a result, the person's registration address must be provided in the data protection policy. In the case of a legal entity, this would be the business address.

What activities does an EU representative from SIDD take on?

We take on the role of EU representative through our company in Munich. In doing so, we keep a list of processing activities on site and are available as a point of contact for inquiries from the EU.

In brief: SIDD's EU representative forwards inquiries from the EU to your company and keeps a list of local processing activities.

If you would like advice on specific inquiries, we can offer this on an hourly basis. We recommend the EU representative in combination with the SIDD Datenschutzberaterin (Schweiz) or Datenschutzbeauftragter (EU) to use.

Which packages does SIDD offer?

EU representative package

What happens after you order SIDD?

After SIDD has been appointed as EU representative, the onboarding process is as follows:

Contract signing

We conclude a service contract with the customer, which contains the framework conditions and scope of our work as a UK representative. Digital, of course 😉

Provision of a list of processing activities

By you (customer) or, if applicable, commissioned to compile a list of processing activities as part of a Data protection workshops.

Mention of our Munich company in your privacy policy


Ongoing support

If inquiries are received, we will immediately communicate them to you and coordinate with you. In this case, we recommend to name a Data Protection Consultant (Switzerland) or Data Protection Officer (EU) as a contact person.