If you do business with a UK-based organisation, your relationship will change when the Brexit transition period ends on 31 December 2020.
Notably, there is still much uncertainty when it comes to transferring personal data into and out of the country. One of the solutions is to appoint a UK representative.
In this blog, we look at what you need to know about this position and how you can find a qualified candidate.
What is a UK representative?
A UK representative acts as a point of contact for data subjects and supervisory authorities in relation to the processing of personal data.
It’s the UK’s equivalent of the EU representative, the requirements of which are outlined in Article 27 of the GDPR.
A representative is tasked with:
- Responding to any queries the relevant supervisory authority or data subjects have concerning data processing;
- Maintaining records of the organisation’s data processing activities; and
- Making data processing records accessible to the supervisory authority.
These tasks sound a lot like those of a DPO (data protection officer), but it’s important not to confuse the two roles.
An UK representative represents non-UK based organisations when it comes to their data protection requirements, whereas a DPO is an independent expert who helps facilitate and assess the organisation’s compliance practices.
Who needs a UK representative?
Organisations must appoint an UK representative if they are based outside the country and monitor the behaviour of, or provide goods or services to, UK residents.
You can find a UK representative quickly and easily with the help of our sister company GRCI Law.
Led by a team of lawyers, barristers, and information and cyber security experts, GRCI Law can take the strain of GDPR compliance, acting as your EU representative for personal data processing activities.