Who needs a Data Representative?

Article 27 of the General Data Protection Regulation (GDPR) says that organisations must appoint a data representative by law if they are based outside the United Kingdom (UK) or European Union (EU) and processes personal data in those territories.


It's not just your reputation that is at stake here... the penalty for non-compliance could be as high as the maximum fine of €20m (£18m) or 2% of your annual global turnover.


See below for more information about who must appoint a Data Representative in what circumstances to comply with this law.


Do I need a Data Protection Representative to comply with the General Data Protection Regulation (GDPR)?

This chart will show you what is required based on where you are processing personal data and where you are based

GDPR Article 27 Data Protection Representative Service

In more detail

Click the statement under the heading that best suits your organisation to see whether you need to appoint a Data Protection Representative

GDPR Article 27 Data Protection Representative Service

I am not based in the UK or Europe, and

I am based in both the UK and Europe, and

I am based in The UK, but not in Europe, and

I am based in Europe, but not in the UK, and
  • I process UK and EU data

    Yes, it is likely that you need a UK and European Data Protection Representative.


    Any organisation that is not based within the UK and Europe, but does process personal information about people in or from those territories, must appoint a data protection representative that is based there to comply with data protection law.

  • I process UK data, but not EU data

    Yes, it is likely that you need a UK Data Protection Representative, but not a European Data Protection representative.


    Any organisation that is not based within the UK, but does process personal information about people in or from the UK, must appoint a Data Protection Representative that is based there to comply with data protection law.


    If you do not process persoanal information belonging to people in or from Europe, then you will not need a Data Protection Represenative in Europe aswell.

  • I process EU data, but not UK data

    Yes, it is likely that you need a European Data Protection Representative, but not a UK Data Protection representative.


    Any organisation that is not based within the EU, but does process personal information about people in or from the EU, must appoint a Data Protection Representative that is based there to comply with data protection law.


    If you do not process persoanal information belonging to people in or from the UK, then you will not need a Data Protection Represenative in UK aswell.

  • I process data, but not UK or EU data

    No you do not need a Data Rep.


    This law only applies to organisations  that do processes personal information belonging to people in or from the United Kingdom (UK) and Europe (EU).

  • I do not process personal data

    No you do not need a Data Rep.


    This law only applies to organisations  that do processes personal information belonging to people in or from the United Kingdom (UK) and Europe (EU).

Compare services
  • I process UK and EU data

    No you do not need a Data Representative.


    This is because you are based in both the United Kingdom and Europe.


    This law only applies to organisations that are not based in the United Kingdom (UK) and Europe (EU).


    You may need to appont a Data Protection Officer if you are processing personal data belonging to people in or from the United Kingdom (UK) and Europe (EU).

  • I process UK data, but not EU data

    No you do not need a Data Representative.


    This is because you are based in both the United Kingdom and Europe.


    This law only applies to organisations that are not based in the United Kingdom (UK) and Europe (EU).


    You may need to appont a Data Protection Officer if you are processing personal data belonging to people in or from the United Kingdom (UK).

  • I process EU data, but not UK data

    No you do not need a Data Representative.


    This is because you are based in both the United Kingdom and Europe.


    This law only applies to organisations that are not based in the United Kingdom (UK) and Europe (EU).


    You may need to appont a Data Protection Officer if you are processing personal data belonging to people in or from Europe (EU)).

  • I process data, but not UK or EU data

    No you do not need a Data Rep.


    This law only applies to organisations  that do processes personal information belonging to people in or from the United Kingdom (UK) and Europe (EU).

  • I do not process personal data

    No you do not need a Data Rep.


    This law only applies to organisations  that do processes personal information belonging to people in or from the United Kingdom (UK) and Europe (EU).

Compare services
  • I process UK and EU data

    Yes, it is likely that you need a European Data Protection Representative.


    Any organisation that is not based within Europe, but does process personal information about people in or from Europe, must appoint a data protection representative that is based there to comply with data protection law.

  • I process UK data, but not EU data

    No you do not need a Data Representative.


    This is because you are based in the United Kingdom.


    This law only applies to organisations that are not based in the United Kingdom.


    You may need to appont a Data Protection Officer if you are processing personal data belonging to people in or from the United Kingdom (UK).

  • I process EU data, but not UK data

    Yes, it is likely that you need a European Data Protection Representative.


    Any organisation that is not based within Europe, but does process personal information about people in or from Europe, must appoint a data protection representative that is based there to comply with data protection law.

  • I process data, but not UK or EU data

    No you do not need a Data Rep.


    This law only applies to organisations  that do processes personal information belonging to people in or from the United Kingdom (UK) and Europe (EU).

  • I do not process personal data

    No you do not need a Data Rep.


    This law only applies to organisations  that do processes personal information belonging to people in or from the United Kingdom (UK) and Europe (EU).

Compare services
  • I process UK and EU data

    Yes, it is likely that you need a UK Protection Representative.


    Any organisation that is not based within the UK , but does process personal information about people in or from the UK, must appoint a data protection representative that is based there to comply with data protection law.

  • I process UK data, but not EU data

    Yes, it is likely that you need a UK Protection Representative.


    Any organisation that is not based within the UK , but does process personal information about people in or from the UK, must appoint a data protection representative that is based there to comply with data protection law.

  • I process EU data, but not UK data

    No you do not need a Data Representative.


    This is because you are based in Europe.


    This law only applies to organisations that are not based in Europe (EU).


    You may need to appont a Data Protection Officer if you are processing personal data belonging to people in or from Europe (EU)).

  • I process data, but not UK or EU data

    No you do not need a Data Rep.


    This law only applies to organisations  that do processes personal information belonging to people in or from the United Kingdom (UK) and Europe (EU).

  • I do not process personal data

    No you do not need a Data Rep.


    This law only applies to organisations  that do processes personal information belonging to people in or from the United Kingdom (UK) and Europe (EU).

Compare services

Still not sure?

We know that it can be difficult to navigate laws and regulations. If you're still not sure how the rules apply to you, then get in touch and our experts will be able to guide you.

Get in touch