Scope of the service:
Data protection regulations oblige controllers and processors not established in the territories listed below to appoint a representative established in that territory to represent them vis-à-vis data subjects (consumers) and the competent national supervisory authority, if personal data is processed within those territories.
All the companies that allow the online access or pruchase (e-commerce) via their own website (app, web-app, home banking etc.) from those territories (excluding the territory where the company has its own premises) are obliged by law to appoint their representative and, where applicable, also appoint the Data Protection Officer (DPO).
Regulations:
- European Union under Article 27 of the Regulation (EU) 2016/679
- United Kingdom under Article 27 of the Data Protection Act 2018
- Swiss Confederation under Article 14 of the FADP – Federal Act on Data Protection
- People’s Republic of China under Article 53 of the PIPL – China’s Personal Information Protection Law
- Turkey under Article 10 (1)(a) of the Law 6698/2016 PDPL
- Egypt pursuant to Article 4 (11) of the Law 151/2020 PDPL
Fines:
If this obligation is not fulfilled, the competent national supervisory authority may impose the blocking of the company’s website (DNS), preventing it from processing the personal data of data subjects in that territory.
Service:
Thanks to its companies in the above-mentioned legislations, 365TRUST can offer the service of representative of the territory with the advantage, for the company, of signing a single contract saving time and money in the management of that obbligation.