We are a specialist UK representative agency established in order to help organisations comply with their UK GDPR requirement to appoint a representative under Article 27 following Brexit. As your Article 27 representative, we provide the local interface to facilitate communications with the UK data regulator, the Information Commissioner’s Office (UK ICO) as well as your data subjects and third parties as identified in UK GDPR.
Whether you process personal data in the UK as a controller or processor, if you have no fixed establishment in the UK, then you are legally obliged required to appoint a representative. Rep27 provides the necessary service to deal with your compliance needs, ensuring that communications with third parties relating to your privacy operations in the UK remain efficient and well-managed.
Consistent with European Data Protection Board Guidance, we take the utmost care to avoid both any potential conflict of interest with clients’ Data Protection Officers – a role which necessarily requires independence – as well as clients’ relationships with legal counsel. The value of personal data to businesses means that good governance of that data is critical, and that includes doing nothing which might compromise the privileged nature of discussions with counsel in situations where legal rights are in play.