UK Representative (Article 27 UK GDPR)

"The bad guys do not appoint Art.27 representatives"

These were the words used by Counsel recently in an English High Court case regarding the role of Art. 27 representatives (Mr Baldo Sansó Rondón v LexisNexis Risk Solutions UK Limited [2021] EWHC 1427).


This has been the second case concerning Art 27 representatives in recent months, and is an area organisations need to be aware of following Brexit.


In another case in May 2021 the Dutch DPA imposed a fine of €525,000 on, a USA company for failing to appoint Art 27 representative. 


In a nutshell, if you want to continue to sell to your UK customers, or target UK customers after 31 December 2020, then you may need to appoint a UK representative.


In the aforementioned case, the judge stated – “The appointment of a representative an important signal that the controller is engaging with the GDPR, understands its scope provisions, and accepts the conditionalities it imposes on its access to data and data subjects. It signals, in other words, a recognition of the bargain involved: the burden to be shouldered for the benefit to be gained. It is … a signal of good intent.”


The Judge continued “…Data subjects are basically entitled to two things: to have their data processed in accordance with the duties imposed on controllers (compliance), and to know who is doing what with their data  in the first place (transparency).” The Article 27 UK GDPR requirement is a not optional.


Don’t be a bad guy! Let us help with your Article 27 representative requirements.  You can call free (from anywhere) today by clicking the link below, or the widget on the bottom right of your screen.

Why SME Comply?

SME Comply can take the stress out of both of these obligations.  With a branches in England and Ireland we can offer both UK and EU GDPR Representative services.

During onboarding we will dedicate time with your teams to obtain a high-level understanding of what personal data you process and your approach to compliance.

Our team of consultants and solicitors will support you in compiling your Record of Processing Activities (RoPA) pursuant to Article 30 of the GDPR/UK GDPR, if you do not already have one.  We will assist with updating your Privacy Policy to include the our Representative contact details.

All packages include free monthly advice on generic data protection issues or rapid legal guidance on matters such as a data breach or data subject access requests.

To ensure continuity, all of this additional support will be provided via your named key point of contact (always a solicitor), who will be familiar with your business.

Our wide range of legal and business expertise allows us to bring knowledge to our interactions with regulators and individuals.

If more advice is needed then you will have access to SME Comply’s highly regarded data protection legal team who will work in conjunction with your in-house data protection team to offer seamless advice tailored to your business needs, as a traditional legal services and via our usual engagement terms.

The GDPR applies to all companies processing the personal data of individuals residing in the EU, regardless of the company’s location, and regardless of whether the processing takes place in the EU or not.

Our UK Representatives Package

the package includes:

Don’t take our word for it. This review was left by one of our Irish clients on Google Business Review:

“This is a very good professional service, very pleased with both service levels & price.”

UK Representative

(under 250 employees)

£ 500

per annum

Both EU and UK Representative

Discounted fees for combined EU and UK Representative services

For over 250 employees please contact us for a bespoke quote.
* You must provide us with an up-to-date Record of Processing Activity (RoPA) upon sign-up.

In summary

Combine our Services

This service can be combined with any of our current services (excluding our Outsourced DPO service).


We are qualified privacy solicitors and Data Protection Officers, so you can feel reassured that these important obligations are being carried out professionally and diligently at all times.

Gain customer trust – customers will also feel reassured that you have appointed professionally qualified individuals to act on your behalf in the EU and UK. See for yourself – read our testimonials!


Free monthly data protection advice included in price.

Access to our client data protection portal, including access to our popular and highly rated GDPR e-learning course for your employees (with certificate upon successful completion).

Cost Effective

Our tailored solutions are competitively priced.

Get in touch

If you want to have a chat about our services then please submit a message below:


If you would like a chat about our services or you have over 250 staff please get in contact.
The personal information you provide in this form will be used by SME Comply to respond to your enquiry only and for no other reason.