Bruce & Butler provides local representation and translation services both in the UK and any of the 27 member states across continental Europe.
You can always remain compliant with Article 27 of the GDPR even if you only process the personal data of data subjects that reside in the UK or a specific EU member state
After 31st December 2020, at the end of the transition period, Data Controllers or Data Processors located outside the UK that process the personal data of individuals within the UK will need to appoint a “UK Representative”.
EU law will continue to require organisations based outside the EEA (including the UK) that process data on individuals within the EU, to have an “EU Representative”. If an organisation processes personal data of data subjects residing in a limited number of EU states, then its Representative should have a presence in one of those states.
The appointed representative cannot be your Data Protection Officer.
Your representative may be an individual, or a company or organisation established in the EEA, and must be able to represent you regarding your obligations under the EU GDPR.
You should give details of your representative to EEA-based individuals whose personal data you are processing. This may be done by including them in your privacy notice or in the upfront information you give them when you collect their data. You must also make it easily accessible to supervisory authorities – for example by publishing it on your website.
The Representative is required to:
In a highly regulated and increasingly complex world, with ever advancing technologies ingesting and processing personal data, we can ensure that compliance with data protection and privacy laws, such as GDPR, are continually met and maintained.
Leveraging world leading intelligent technology, expert knowledge and best practice remediation measures we can support you in appropriately managing information and cyber risk and achieving certification to standards such as ISO 27001, Cyber Essentials and Cyber Essentials Plus.
Ensuring that vulnerabilities which could leave your organisation open to attack are both identified and minimised is an essential part of any organisation’s cyber security strategy regardless of their size. We can perform regular assessments of your organisation’s infrastructure to identify any vulnerabilities and give you the ability to remediate these before an attacker can exploit them.