Login
 
MENU

GDPR and Brexit - PDT Solicitors ask - Will your business need to appoint a "representative"?

The UK will cease to be part of the European Union on 12 April 2019 in the absence of a "deal" to further extend the deadline. One implication of this is that businesses which hold, obtain or use data about EU citizens after the 12th may have to formally appoint a "representative" within the EU for data protection purposes.
The representative is not intended to simply be a "postbox". It will act as an agent and point of contact for all data protection matters, whether with individual citizens or data protection regulators, and must maintain records of the uses an organisation makes of EU citizens' data. The representative can be a company or an individual, but it must be mentioned in the privacy information that organisations make available to EU citizens.
If your business is required to appoint a representative and does not, action by a European data protection regulator could cause interruption to your business or result in legal action being taken against you.
Who must appoint a representative?
Any non-EU business or organisation which systematically deals with EU citizens or uses data about EU citizens after Brexit is likely to continue to be subject to the General Data Protection Regulation ("GDPR") and will likely be required to appoint a representative.
Technically, non-EU organisations are subject to GDPR if they obtain or make any use of EU citizens' personal data, either in connection with offering "goods and services" to them (including free services) or "monitoring their behaviour".
A representative is not required if the organisation already has an "establishment" within the EU (meaning it is already subject to EU laws) or if it meets a limited set of exemptions.
What is "offering goods and services"?
The business or organisation must "envisage" providing goods or services to EU citizens. The fact that EU citizens can access a website or otherwise identify the provider may not be enough to make an organisation subject to GDPR, but evidence that EU citizens are intended to be able to receive goods or services is likely to be sufficient.
What is meant by the term "monitoring their behaviour"?
"Monitoring" will not result from routine online collection or analysis of personal data (for example, website analytics) or occasional contacts with persons within the EU. However, any focused or deliberate analysis of EU citizens, including via behavioural advertising/marketing, conducting surveys, or conducting statistical analyses of personal data - whether for the business or organisation's own purposes or those of another - is likely to amount to "monitoring".
What steps should I take?
Organisations which use EU citizens' data need to decide whether they will be subject to GDPR after "Brexit" as a result of offering goods/services or monitoring behaviour - and, if so, whether any exemptions in Article 27 allow them to avoid appointing a representative.
If a representative is required, it must be appointed by the "Brexit" date and must be able to fulfil its functions, including having access to all necessary records, by that date.
If you have any questions or would like to know more about how we may help you please visit https://www.pdt.co.uk/

 

news

Related news

Installing mezzanines and repurposing warehouse space can really maximise the value of the available space in a warehouse or in the commercial spaces often built below large blocks of flats.
Sussex and South East accountancy firm Carpenter Box has signalled continuation of its ambitious growth plans with the appointment of a new Partner.
While England might not be bringing home the trophy , we were cheered up with the news that Designer Travel have received a new accolade.   Thank you to Exsus Travel for awarding us the ‘Top Agency 2023-2024’   Exsus is a fantastic supplier partner, and we work closely with them to curate everything from your dream once in a lifetime holidays to bite sized short breaks.  
Applications are now open for our EmpowHer leadership programme, designed to unlock the potential in female leaders.
Progression doesn't have to always mean improving the less optimal parts of your business, sometimes it's about playing to your strengths and building on your successes.
Project Officer Lydia Baxter, shares a brief overview of the Wilder Ouse project and the conservation work the team. Also a catch up with wildlife photographer Paul Parsons, to ask him about his wildlife and marine photography.
Govia Thameslink Railway (GTR), which operates Southern, Thameslink, Gatwick Express and Great Northern, has celebrated The National Gallery’s 200th anniversary by running its first ever live art class on a train.
Partnership Enterprise Event: Young Innovators Transforming Their Community The recent Community Links Partnership Enterprise event, supported by Dan & Helen Roe from Start Up Sherpa, brought together pupils from Lingfield College Prep, Lingfield Primary School, Felbridge Primary School, and Dormansland School, showcased an impressive display of collaboration and creativity. This initiative aimed to encourage pupils to work together to address local issues, develop practical solutions, and present their ideas with the potential for real-world impact.
The Gatwick Diamond delegation has returned from a successful showcase at UKREiiF 2024, with new connections and partnerships poised to enhance regional growth and collaboration.
On Monday 8 July Air Ambulance Charity Kent Surrey Sussex (KSS) will be celebrating International Paramedics Day and honouring the dedication of its specialist Helicopter Emergency Medicine (HEMS) paramedics, as well as all other paramedics, first responders and community volunteers across Kent, Surrey and Sussex, and around the world.
Roy Thompson, Head of Financial Services at Sussex-based Carpenter Box Financial Advisers, took to the classroom to help boost financial literacy among Year 8 and 9 school students in Eastbourne.
SHW, on behalf of Friday Media Group, has completed the sale of a 18,080 sq ft, semi-rural warehouse that sits within 1.9 acres of land. The sale is to Falcon Park Training and Conference Centre who will take full advantage of the generous outdoor area and close proximity to J10 of the M23.
South East businesses accounted for 10% of administrations in the first six months of 2024 – the fourth highest region in the UK – according to analysis by Sussex law firm Mayo Wynne Baxter.
It’s no secret that Microsoft 365 is a powerhouse of tools to support your business.
A 15-year-old partnership between Southern Railway and a charity for adults with learning difficulties is once again delighting thousands of passengers with fresh floral displays at stations in West Sussex.
This Rail Safety Week, Govia Thameslink Railway (GTR) has announced it is investing £2.5 million to help the business tackle abuse and disorder through its new Antisocial Behaviour Improvement Plan. The plan has been developed following a 23% increase in verbal staff assaults and almost a 10% increase in physical staff assaults across the rail operator’s network over the past year[1].
Identity and access management (IAM) is an important aspect of cybersecurity. Indeed, 80% of all cyberattacks use identity-based methods to gain access to target systems. Organisations that don’t adequately verify the identity of their users or ensure they’re only accessing what they need could be at risk of a costly data loss - or worse! In this article, Extech Cloud experts with cover the ins and outs of IAM and show you three ways to improve your own security strategy.
Air Ambulance Charity Kent Surrey Sussex (KSS) and independent family brewer and pub company Shepherd Neame are delighted to announce a new partnership launching on Monday 01 July 2024 that will raise the vital funds needed to help save lives every day in the communities they both serve across the region 24/7, 365 days a year.
Featured
Have you ever wondered what you would talk about if you did a Ted Talk? Mo Kanjilal from Watch This Sp_ce spoke at Brighton Dome in April. She talked about valuing the power in our differences.
More than half the trains Great Northern commuters take to Moorgate in the City of London are now controlled using ground-breaking digital signalling.
See all news

What's next?

Call usAbout usMembershipMembers
GDBA 2024 image

This site uses cookies.

Some of these cookies are essential, while others help us to improve your experience by providing insights into how the site is being used. For more detailed information on the cookies we use, please check our Cookie Policy

Select preferencesReject optionalAccept all

Cookie preferences

This website uses cookies so that we can provide you with the best user experience possible. Our Cookie Policy explains in detail how and why we use cookies. To take full advantage of our website, we recommend that you click on "Accept all". You can change these settings at any time via the button "Update your cookie preferences" in our Cookie Policy.

Necessary cookies (required)

Necessary cookies enable core functionality. The website cannot function properly without these cookies, and can only be disabled by changing your browser preferences.

Analytical cookies

Analytical cookies help us to improve our website by collecting and reporting information on its usage.

Submit preferencesAccept all