Our UK Representative Services

graphic

Do you need to Appoint a UK Data Protection Representative?

  • Your company is based outside the UK and doesn't have an establishment there;
  • Your company offers goods or services to individuals in the UK (for payment or for free) and/or monitors the behaviour of these individuals (such as tracking or profiling)
STILL NOT SURE IF YOU NEED TO APPOINT A DATA PROTECTION REPRESENTATIVE?

Did You Know?

Since Brexit, the UK Representative
is a mandatory obligation

We provide a full range of high-quality representation services

We are passionate about client service. Really passionate. We strive to understand your operations, needs and expectations in order to provide you with personalized services.
UK Representation services

We act as your Data Protection Representative in your name and on your behalf in the United Kingdom. Our office is located in London, at 8 Northumberland Avenue, London WC2N 5BY.

Data Subject Access Requests (DSARs)

We handle an unlimited number of DSARs across the UK. By “handling”, we mean that we receive requests, perform identity checks (if you instruct us to do so), forward the requests to you, answer your questions as to best practices on how to respond to the requests and reply to the data subjects on your behalf, unless you choose to answer yourself. We aren’t just a mailbox or message forwarding service.

Requests from the Data Protection Authority (ICO)

We handle an unlimited number of requests from the Data Protection Authority (ICO) in the UK. We understand that it can be quite daunting for companies to be contacted by a data protection authority. That’s why our team handles such requests with great care and diligence.

Data Breach Notification Support

We assist and support you in the handling of an unlimited number of data breach notifications in the UK. We understand that the process can sometimes be very challenging, especially given the tight 72-hour deadline to notify the data breach.

IMPORTANT NOTICE IN CASE OF DATE BREACH:  Our contract will not automatically terminate in the event that you experience a data breach. We support you all the time and all the way.

Compliance Certificate

We provide you with a Compliance Certificate based on data protection technology through a unique high-level encryption / decryption process (including Blockchain technology) which can be used on your website and on your company material.

Top-level Security with ISO 27001 Certification
We are proud to be ISO 27001 certified, which is the latest, highest and most comprehensive in-depth security certification. It demonstrates our commitment to information security and confirms that we implemented industry-leading security practices to protect our client data. The scope of our certification covers all our processes involved in the provision of data protection Representative services in the EU/EEA and in the UK for companies located outside the EU/EEA and/or the UK, pursuant to Article 27 of the EU & UK GDPR.
Dedicated Client Support

We answer your questions and keep you informed on Data Protection matters that can impact your non-UK business. Our team covers all aspects of the UK GDPR (legal, IT, security, risk management, governance, etc.) and our experts are at your disposal to assist you even beyond local office hours and taking into account your international time zone. 

Privacy Policy / Documentation wording

We provide you with the wording that you have to include in your privacy policy on your website or in other documents (e.g. those required in clinical trials) with respect to the appointment of EDPO UK Ltd as your UK representative, including EDPO UK’s contact details and logo.

Overseas family that has our back

EDPO Client / Customizable gift book web application

What should you look for in an EU & UK Data Protection Representative ?

Here is our checklist for the appointment of your EU & UK Data Protection Representative
  • What services are included? Are there any extra (hidden) costs?
  • What languages are covered? Is translation included in the fees?
  • Who is the team? What are their qualifications and experience?
  • Does the Data Protection Representative provide data breach notification support?
  • What services are included? Are there any extra (hidden) costs?
  • What languages are covered? Is translation included in the fees?
  • Who is the team? What are their qualifications and experience?
  • Does the Data Protection Representative provide data breach
    notification support?

We cover the world. We cover all industries.

You'll find below a non-exhaustive list of industries that already work with us. 

Frequently Asked Questions

Check our FAQ page for more questions and answers.

How does the UK Representative assist non-UK companies?

The main task of the Data Protection Representative in the UK is to act as a point of contact for the data protection authority and individuals in the UK whose personal data is being processed by non-UK companies.

The representative acts on behalf of the non-UK companies, performing its tasks according to the mandate received from them, including cooperating with the data protection authority (the ICO) with regard to any action taken to ensure compliance with the UK GDPR.

The Data Protection Representative also has to maintain records of the processing activities of their clients.

Where does the UK Representative have to be located?

Your UK GDPR representative must be located in the United Kingdom.

Does designating a Data Protection Representative release the non-UK companies from liability and responsibility?

NO. The UK GDPR clearly state that the designation of a Data Protection Representative does not affect the responsibility and liability of the non-UK companies that fall within the scope of the UK GDPR. The designation is without prejudice to legal actions which could be initiated against the non-UK companies.

How much does it cost to appoint an UK Representative?

Our Data Protection Representative fees are based on the size of your company (in terms of number of employees), the type of data (regular data and/or sensitive data) that your company processes, whether or not your company’s processing operations require regular and systematic monitoring of individuals in the UK and whether your company processes personal data on a large scale. All packages can be tailored to your company’s specific needs.

Click here to know more about our UK Representative fees.

If you need to appoint us as EU Representative too, please let us know, we have discounted prices.

Do the UK representative services cover the EU too?

No. Now that the UK left the EU, it is a separate jurisdiction. If your company is active in both the EU and the UK, you will need to appoint two Representatives. Head over to our EU Representative services page to learn more.