GDPR Article 27 requires in-scope companies to maintain a physical presence in the EU or UK if they process the personal data of EU or UK residents. Failure to do so can result in penalties and fines.
- GDPR Article 27
- The representative shall be established in one of the Member States where the data subjects, whose personal data are processed in relation to the offering of goods or services to them, or whose behaviour is monitored, are.
- The representative shall be mandated by the controller or processor to be addressed in addition to or instead of the controller or the processor by, in particular, supervisory authorities and data subjects, on all issues related to processing, for the purposes of ensuring compliance with this Regulation.
Osano can act as your organization's General Data Protection Regulation representative in the EU or UK.
- EU: Osano's subsidiary, Osano Compliance Services International, is based in Dublin and can act as a GDPR Representative on your behalf to intercept and pass along legal notices in the EU.
- UK: Osano's subsidiary, Osano UK Compliance Ltd, is based in Belfast and can act as a UK GDPR Representative on your behalf to intercept and pass along legal notices in the UK.
To utilize the GDPR representative services, qualifying accounts should go to the GDPR representative tab in their Osano application. There, you will see an address with an ATTN unique to your account.
Copy and paste this address into your GDPR policy, and you're done!
Now, should you receive any physical notices to your listed address in the European Union or UK, Osano will forward these to your designated contact(s).