An EU representative is a natural or legal person established in the EU who represents companies outside the EU in accordance with Art. 27 GDPR. It acts as a point of contact for data subjects and data protection authorities in relation to the processing of personal data.
Companies outside the EU must appoint an EU representative if they process the personal data of EU citizens, e.g. if they offer goods or services or monitor the behaviour of EU citizens.
The EU representative will receive enquiries from data subjects and data protection authorities, represent the company on data protection matters and assist with GDPR compliance.
Companies that fail to appoint an EU representative risk fines and other sanctions from data protection authorities, as this is a breach of the GDPR.
No, according to Art. 27 GDPR, a company can only appoint one EU representative, but this representative must be based in one of the EU member states where the data subjects carry out their data processing activities. The representative will then act as a single point of contact for all data protection enquiries.