The Importance of Article 27: Identifying a Representative in Europe

The General Data Protection Regulation came into effect on May 25. In an effort to comply, companies of all sizes have been taking steps to meet requirements. Mapping data, appointing staff to lead data protection work in the organization, reviewing and updating security, developing data governance programs – businesses are investing time and resources to understand and meet GDPR expectations. What is often lost in this flurry of activity is an understanding of GDPR’s Article 27 – a provision that requires that companies that are not established in the EU, but that collect and process personal data about residents of the EU, appoint an EU-based representative. The EU…

READ MORE