What are the typical GDPR Representative tasks?

​​

• Maintain records of data processing activities of your company in the EU as per Article 30 of GDPR and where applicable. The GDPR Representative is required to have a clear understanding of what processing activities are taking place, failure to do so may result in unknowingly providing false information to the supervisory authorities.

• Act a GDPR point of contact between your company and your data subjects (i.e. your customers). For example, if your customers regularly wish to enforce their rights under the GDPR. This point of contact must also be provided in the local language of your EU customers.

• Act as a GDPR point of contact between your company, controller or processor, and the local supervisory authority in the EU. For example, in the case of complaints from data subjects (i.e. customers), the supervisory authority will need to be able to contact your GDPR Representative. The representative should be explicitly designated by a written mandate by the controller or processor.

• Act as the authorised person/organisation to receive legal GDPR documents on behalf of your company.

• The GDPR Representative may be subject to enforcement actions by the regulatory authorities in the event of non-compliance by the controller or processor.

• Make records available to the GDPR supervisory authority when requested. There is an obligation on the Representative to cooperate with the supervisory authority when requested.