We offer services for organisations within and outside of the European Union to help you understand and implement GDPR and other EU Privacy regulations. We take pride in our ability to be flexible and serve the needs in a way that best fits your organisation.
Although the GDPR has had a tremendous amount of publicity. Within and outside the EU in the news, forums and many other ways. There is still some inclarity regarding to the GDPR requirements for organisations, certainly for those operating from abroad. We offer many products to help you on your way to full compliance in an efficient way, and will explain these further were needed.
Scope for non- EU countries:
What you need to establish first as a non-EU organisation is whether or not the GDPR applies to you. Generally speaking if you are an organisation processing the Data of EU citizens which are included in your target market then it will. For example you have a website selling products in the language of an EU country such as Dutch, German, or Italian and accept payment in Euros. Then you are most likely required to full fill some of the GDPR requirements.
If you are let’s say a US retail company and you have a .com website offering products in US Dollars and you don’t deliver to the EU and do not target them in another way then you are generally not required to comply to the GDPR. For more info;
Art. 3-4 GDPR and Recital 23 of the GDPR goes into more detail, and you can contact us via email or skype message if you have any further questions on this matter.
Oh no, I’m in Scope! What do I need now?
Well don’t make any rash decisions. This is a bad idea considering the amount of inaccurate advise aimed at creating quick profits. We suggest you look at two requirements that are interestingly enough little exposed or dare I say even neglected under all the buy our software and DPIA’s or there will be fines, marketing campaigns.
The two articles and their requirements are Article 27 and 37 of the GDPR. Article 27 requires that if you are operating from outside the EU you must have a EU representative. Which must be located within the European Union. If you want to learn more please visit our Representative page here.
Article 37. GDPR requires some organizations to appoint a Data Protection Officer. This is only required when you process personal data on a large scale or uses special categories of personal data. In case you are wondering if this applies to your organisation please visit our Data Protection Officer page here.
There is a simple reason why it is advisable to investigate these two requirements first. Simply because the representative and Data Protection Officer can advise or help you on your route to compliance. Read more about our Representative services here & for our DPO Services and here.
For our affordable pricing on representative service click here.