Your UK Data Protection Representative

The UK Data Protection Representative



Since Brexit a new obligation for non-UK companies has been created. All non-UK companies that hold or process personal data of UK citizens and don't have an establishment in the UK, need to appoint a UK Data Protection Representative. The Information Commissioner's Office (the UK's data protection authority) has issued this obligation clearly on their website. Not complying to this article cannot only bring damage to your reputation, you will also get a penalty for non-compliance. This could be up to 8,9 million pounds or 2% of your worldwide revenue.


You have to know the UK GDPR applies not to the whole of the UK territories. The UK GDPR applies only to England, Wales, Scotland, Northern Ireland and Gibraltar. The Crown Dependencies and UK overseas territories are excluded.


As your UK representative we offer the same services and packages as your EU/EEA representative and most of the time it doesn't have to cost extra if we are already your EU/EEA representative. If you have any questions visit our frequently asked questions where we have answered the most common questions we get or feel free to contact us.


Below we have provided an overview whether or not you are required to have representation in either the UK or EU or both.

Controller/Processor locations

Sell/offer to UK only

Sell/offer to EU/EEA only

Sell/offer to UK & EU/EEA

UK only

No action necessary

EU Representative necessary

EU Representative necessary

EU only

UK Representative necessary

No action necessary

UK Representative necessary

Rest of the world

UK Representative necessary

EU Representative necessary

UK & EU Representative necessary

UK & EU

No action necessary

No action necessary

No action necessary