EDPB Publishes Guidelines on GDPR Article 27 Representative Role in EU

NOVEMBER 27, 2018

The European Data Protection Board (EDPB) provided very welcome guidance on the role of the Article 27 GDPR Representative following its Fourth Plenary Session. The EDPB is the body established by the GDPR to guide and supervise data protection across the EU.

The EDPB is made up of representatives from the supervisory authorities of all EU member states and replaces the body known as the Article 29 Working Party.

The EDPB has held a number of plenary sessions since its establishment, the fourth was held on 16th November 2018 in Brussels. You can see more details here.

Following this plenary session the EDPB published guidelines the territorial scope of the GDPR and, in this context provided very useful clarification on the nature of and requirement for the data protection representative role in the EU for GDPR purposes pursuant to Article 27.

This clarification is very welcome for non-EU based data controllers in particular in helping them to understand how the GDPR applies to them internationally and what they need to do in order to comply with the requirement for representation contained in Article 27 of the GDPR.

We will be considering these guidelines in details and providing further analysis here in due course. Meanwhile, the EDPB’s guidelines on territorial scope and GDPR Article 27 representation can be accessed here and you can download a copy here.


flor mccarthy

Flor McCarthy is one of Ireland’s leading lawyers and a recognised expert in marketing. He has particular expertise and hands-on practical experience in privacy, data protection and GDPR issues for marketers. He is certified by the Law Society of Ireland in Data Protection Practice and lectures lawyers on data protection practice and compliance. He is managing partner of a multi award winning niche legal practice. He has been in private practice for over 20 years and has been elected by his peers to sit on the exclusive Council of the Law Society of Ireland, the governing body for Irish lawyers.

If you process data on EU or UK data subjects and appreciate that compliance with the GDPR is essential for risk management, data-security and customer-confidence in your international business and you feel that you are a good fit for our EU representative services please click the button below to schedule a free call with us today. Assigning an EU or UK representative for your business is a straightforward process and we’ll be happy to talk you through it.

During the call we’ll answer any questions you may have and we’ll go through our service in full detail so that you have a complete understanding of our solution and how it can benefit your business. We look forward to speaking with you.