GDPR EU Representative

GDPR EU Representative Services for non-EU Firms (Article 27)

EuroRep offers EU Representative services to non-EU firms in a convenient and efficient way, enabling you to proactively be compliant with the General Data Protection Regulation (GDPR) with little to no interruption to your day to day business.

Representative Services

EuroRep will be your Representative in all European Member States, and the point of contact for customers and authorities in the EU regarding data privacy in the Union. Under Article 27 of the GDPR, a representative must be appointed in at least one EU country if the processing activities are related to either the offering of goods or services, irrespective of whether payment by the data subject is required, or the monitoring of their behaviour so long as their behaviour takes place within the Union.

Tools: We have tools and solutions at the ready to assist you with GDPR compliance and software solution to assist with the ongoing monitoring. To purchase our GDPR solutions, click on “shop” below.


Advice: Contact us for special support regarding issues around data privacy by clicking “get in touch” below.



Do I need an EU Representative according to Article 27 of the GDPR?

Firms based outside of the EU but offering services to individuals in the EU (e.g. provision of a website in an EU language) or monitoring their behaviour (e.g. cookie profiling), need to appoint a Representative in the EU according to Article 27 of the GDPR.

Why should I care about a European regulation as a non-European company?

The GDPR extends its territorial scope, and therefore can be enforced on firms outside of Europe with potential fines of EUR 20 million or 4% of turnover whichever is greater.

Are there any exemptions to Article 27?

Controllers or processors are exempted from the requirement to have a Representative if all of the following criteria are met:

  • Personal data is only processed occasionally
  • The processing does not include large-scale processing of special categories of personal data or personal data relating to criminal convictions and offences
  • The processing is unlikely to result in a high risk to the rights and freedoms of the data subject

Latest from the Newsroom


GDPR in full force days after deadline

The GDPR is, at the time of writing, exactly 6 days old and some of (more...)



THE BROKER DEALER QUESTION Micah A. Taylor for Institute of Compliance Accessing US Capital private (more...)


GDPR: Does your company need an EU representative according to Article 27?

The General Data Protection Regulation (GDPR) is set to come into force on 25 May (more...)