OUR EU REPRESENTATIVE SERVICES
We provide a full range of high-quality representation services
We are passionate about client service. Really passionate. We strive to understand your operations, needs and expectations in order to provide you with personalized services.
EU Representation services in the entire EU/EEA
Data Subject Access Requests (DSARs)
Requests from Data Protection Authorities (DPAs)
EU Representation services in the entire EU/EEA
We act in your name and on your behalf in the entire EU/EEA for GDPR purposes. We are located in Brussels, the EU’s capital, and are therefore close to EU institutions, decision-makers and influencers. We also have offices in Paris, Dublin, Berlin and Madrid* to support you as closely as possible as your GDPR representative. As confirmed by the Guidelines of the European Data Protection Board, your EU representative must only be established in one – and only one – of the EU/EEA countries where the data subjects whose personal data your company processes are located. If your company processes personal data of individuals who are located in more than one EU country, then you can choose in which country to appoint your EU representative.
*Are you looking for another location? We have a solution! Contact us for more information.
Data Subject Access Requests (DSARs)
We handle an unlimited number of DSARs across the entire EU/EEA. By “handling”, we mean that we receive requests, perform identity checks (if you instruct us to do so), forward the requests to you (with a free English translation if needed), answer your questions as to best practices on how to respond to the requests and reply to the data subjects on your behalf (with, again, a free translation if needed), unless you choose to answer yourself. We aren’t just a mailbox or message forwarding service.
Requests from Data Protection Authorities (DPAs)
We handle an unlimited number of requests from DPAs in the EU/EEA. We understand that it can be quite daunting for companies to be contacted by DPA’s. That’s why our team handles such requests with great care and diligence (including free translation if needed).
Data Breach Notification Support
Compliance certificate
Top-level security storage of your Article 30 record of processing activities
Data Breach Notification Support
We assist and support you in the handling of an unlimited number of data breach notifications in the EU/EEA. Given that every data protection authority (DPA) has different requirements for data breach notifications (including filing in the country’s official language), the entire process can be very challenging – especially given the tight 72-hour deadline to notify a data breach to the DPAs. EDPO uses a unique and innovative digital data breach notification platform that consolidates all of the questions of all of the data breach notification forms in the entire EU/EEA in English and then translates the answers back into the original language of the respective national EU/EEA countries. We can therefore give you a huge head start in your data breach notification filings by reducing the time and resources – and stress! – required to complete your data breach notifications.
IMPORTANT NOTICE IN CASE OF DATE BREACH: Our contract will not automatically terminate in the event that you experience a data breach. We support you all the time and all the way.
Compliance Certificate
We provide you with a GDPR Article 27 Compliance Certificate based on data protection technology through a unique high-level encryption / decryption process (including Blockchain technology) which can be used on your website and on your company material.
Top-level security storage of your Article 30 register of processing activities
Your GDPR Article 30 record of processing activities is kept on a highly secure platform that is certified with the latest and most comprehensive in-depth security certification – ISO/IEC 27001:2013 – which covers its entire business, people, processes, procedures and platform. You don’t have an Article 30 record of processing activities? We’ll be more than happy to provide you with referrals of templates and/or experts who can help you set one up.
Dedicated Client Support
Translation
Privacy Policy / Documentation wording
Dedicated Client Support
We answer your questions and keep you informed on GDPR matters that can impact your non-EU business. Our team covers all aspects of the GDPR (legal, IT, security, risk management, governance, etc.) and our experts are at your disposal to assist you even beyond local office hours and taking into account your international time zone.
Translation
We provide you with a free English translation of all requests from data subjects and data protection authorities as well as a free English-to-original language reply. We also provide you with access to our digital data breach notification platform which includes an English translation of the data breach notifications forms of the relevant Data Protection Authorities in the EU/EEA.
Privacy Policy/Documentation wording
We provide you with the wording that you have to include in your privacy policy on your website or in other documents (e.g. those required in clinical trials) with respect to the appointment of EDPO as your EU representative, including EDPO’s contact details and logo.
Representation services in the entire EU/EEA
We act in your name and on your behalf in the entire EU/EEA for GDPR purposes. We are located in Brussels, the EU’s capital, and are therefore close to EU institutions, decision-makers and influencers. We also have offices in Paris, Dublin, Berlin and Madrid* to support you as closely as possible as your GDPR representative. As confirmed by the Guidelines of the European Data Protection Board, your EU representative must only be established in one – and only one – of the EU/EEA countries where the data subjects whose personal data your company processes are located. If your company processes personal data of individuals who are located in more than one EU country, then you can choose in which country to appoint your EU representative.
*Are you looking for another location? We have a solution! Contact us for more information.
Data Subject Access Requests (DSARs)
We handle an unlimited number of DSARs across the entire EU/EEA. By “handling”, we mean that we receive requests, perform identity checks (if you instruct us to do so), forward the requests to you (with a free English translation if needed), answer your questions as to best practices on how to respond to the requests and reply to the data subjects on your behalf (with, again, a free translation if needed), unless you choose to answer yourself. We aren’t just a mailbox or message forwarding service.
Requests from Data Protection Authorities (DPAs)
We handle an unlimited number of requests from DPAs in the EU/EEA. We understand that it can be quite daunting for companies to be contacted by DPA’s. That’s why our team handles such requests with great care and diligence (including free translation if needed).
Data Breach Notification Support
We assist and support you in the handling of an unlimited number of data breach notifications in the EU/EEA. Given that every data protection authority (DPA) has different requirements for data breach notifications (including filing in the country’s official language), the entire process can be very challenging – especially given the tight 72-hour deadline to notify a data breach to the DPAs. EDPO uses a unique and innovative digital data breach notification platform that consolidates all of the questions of all of the data breach notification forms in the entire EU/EEA in English and then translates the answers back into the original language of the respective national EU/EEA countries. We can therefore give you a huge head start in your data breach notification filings by reducing the time and resources – and stress! – required to complete your data breach notifications.
IMPORTANT NOTICE IN CASE OF DATE BREACH: Our contract will not automatically terminate in the event that you experience a data breach. We support you all the time and all the way.
Compliance certificate
We provide you with a GDPR Article 27 Compliance Certificate based on data protection technology through a unique high-level encryption / decryption process (including Blockchain technology) which can be used on your website and on your company material.
Top-level security storage of your Article 30 record of processing activities
Your GDPR Article 30 record of processing activities is kept on a highly secure platform that is certified with the latest and most comprehensive in-depth security certification – ISO/IEC 27001:2013 – which covers its entire business, people, processes, procedures and platform. You don’t have an Article 30 record of processing activities? We’ll be more than happy to provide you with referrals of templates and/or experts who can help you set one up.
Dedicated Client Support
We answer your questions and keep you informed on GDPR matters that can impact your non-EU business. Our team covers all aspects of the GDPR (legal, IT, security, risk management, governance, etc.) and our experts are at your disposal to assist you even beyond local office hours and taking into account your international time zone.
Translation
We provide you with a free English translation of all requests from data subjects and data protection authorities as well as a free English-to-original language reply. We also provide you with access to our digital data breach notification platform which includes an English translation of the data breach notifications forms of the relevant Data Protection Authorities in the EU/EEA.
Privacy Policy/Documentation wording
We provide you with the wording that you have to include in your privacy policy on your website or in other documents (e.g. those required in clinical trials) with respect to the appointment of EDPO as your EU representative, including EDPO’s contact details and logo.
What should you look for in an EU & UK
Data Protection Representative ?
Here is our checklist for the appointment of your EU & UK Data Protection Representative
Checklist for the appointment of your EU and UK
Data Protection Representative
What services are included? Are there any extra (hidden) costs?
Does the Data Protection Representative simply forward the requests from the data subjects and Data Protection Authorities, or is there an actual handling of such requests?
What languages are covered? Is translation included in the fees?
Who is the team? What are their qualifications and experience?
Does the Data Protection Representative provide data breach notification support?
Do they provide a secure Art. 27 Compliance Certificate?
Does the Data Protection Representative’s contract terminate automatically in case of a data breach?
Are they conflicted by also being a DPO?
How responsive are they?
How and where do they keep a copy of your register of processing activities? How secure is their platform?
How many offices does the Data Protection Representative have and where are they located?
Was the Data Protection Representative’s information security system audited?
Does the Data Protection Representative have adequate insurance to cover their liability risk?
Checklist for the appointment of your EU and UK
Data Protection Representative
What services are included? Are there any extra (hidden) costs?
Does the Data Protection Representative simply forward the requests from the data subjects and Data Protection Authorities, or is there an actual handling of such requests?
What languages are covered? Is translation included in the fees?
Who is the team? What are their qualifications and experience?
Does the Data Protection Representative provide data breach notification support?
Do they provide a secure Art. 27 Compliance Certificate?
Does the Data Protection Representative’s contract terminate automatically in case of a data breach?
Are they conflicted by also being a DPO?
How responsive are they?
How and where do they keep a copy of your register of processing activities? How secure is their platform?
How many offices does the Data Protection Representative have and where are they located?
Was the Data Protection Representative’s information security system audited?
Does the Data Protection Representative have adequate insurance to cover their liability risk?