Article 27 General Data Protection Regulation
The United Kingdom finally transitioned out of the European Union on the 31st December 2020. Amongst many other implications for the UK, there is an impact on Data Protection legislation. Specifically, the requirements that the European Union’s (EU) General Data Protection Regulation (GDPR) make on organisations based in the UK. The trade deal forged by both sides has resulted in an agreement to permit the free flow of personal data between the UK and the EEA (at least for 6 months whilst we await an adequacy decision). The UK Government has also recognised existing adequacy decisions made by the European Data Protection Board to countries with ‘fit for purpose’ data protection frameworks outside of the EEA. This is good news for UK based organisations, but there is still at least one sting in the tail!
Article 27 of the GDPR requires that any organisation that is not ‘established ‘ in the EU and processes personal data of persons within the EU in the course of offering goods or services, appoint a data protection representative in the EU.
So, if your business or organisation is ‘established’ in the EU, then providing you fit the criteria of ‘established’ as laid down in Article 3.1 of the GDPR then you can probably stop reading. However, if you are not, and you offer goods or services (whether on payment or not), to persons in the EU, then read on.
The obligation is for data controllers or data processors to designate a representative in the Union, in writing. There are exemptions to this obligation, which means there is no requirement if:
The representative shall be established in one of the member states where the subjects, whose personal data are processed in relation to the offering of goods or services to them, or whose behaviour is monitored, are situated.
The representative will become your point of contact in the members state(s) where you are operating for the supervisory authority for that area and for data subjects themselves, so they can exercise their rights.
Compliance and Privacy Solutions has teamed up with a leading EU Representative service called DataRep. DataRep has been offering this service since 2017 so is very experienced in the GDPR era and offer affordable solutions starting at €150 per year. DataRep is the only company offering representation in 29 EU and EEA countries.
Our relationship with DataRep means we can provide you a discount code giving you 10% off your first year’s fee. Get in touch at contact@caps-ltd.co.uk to arrange a no obligation consultation and receive your 10% discount code should you decide to go ahead.
Cookie | Duration | Description |
---|---|---|
_ga | 2 years | This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, camapign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randoly generated number to identify unique visitors. |
_ga_* | 1 year 1 month 4 days | Google Analytics sets this cookie to store and count page views. |
_gid | 1 day | This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages viisted in an anonymous form. |
GPS | 30 minutes | This cookie is set by Youtube and registers a unique ID for tracking users based on their geographical location |
sbjs_current | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
sbjs_current_add | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
sbjs_first | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
sbjs_first_add | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
sbjs_migrations | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
sbjs_session | 1 hour | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
sbjs_udata | session | Sourcebuster sets this cookie to identify the source of a visit and stores user action information in cookies. This analytical and behavioural cookie is used to enhance the visitor experience on the website. |
Cookie | Duration | Description |
---|---|---|
IDE | 2 years | Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile. |
NID | 5 months | This cookie is used to a profile based on user's interest and display personalized ads to the users. |
PREF | 8 months | PREF cookie is set by Youtube to store user preferences like language, format of search results and other customizations for YouTube Videos embedded in different sites. |
VISITOR_INFO1_LIVE | 5 months | This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website. |
VISITOR_PRIVACY_METADATA | 6 months | YouTube sets this cookie to store the user's cookie consent state for the current domain. |
yt.innertube::nextId | never | YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen. |
yt.innertube::requests | never | YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen. |
Cookie | Duration | Description |
---|---|---|
yt-player-headers-readable | never | The yt-player-headers-readable cookie is used by YouTube to store user preferences related to video playback and interface, enhancing the user's viewing experience. |
yt-remote-cast-available | session | The yt-remote-cast-available cookie is used to store the user's preferences regarding whether casting is available on their YouTube video player. |
yt-remote-cast-installed | session | The yt-remote-cast-installed cookie is used to store the user's video player preferences using embedded YouTube video. |
yt-remote-connected-devices | never | YouTube sets this cookie to store the user's video preferences using embedded YouTube videos. |
yt-remote-device-id | never | YouTube sets this cookie to store the user's video preferences using embedded YouTube videos. |
yt-remote-fast-check-period | session | The yt-remote-fast-check-period cookie is used by YouTube to store the user's video player preferences for embedded YouTube videos. |
yt-remote-session-app | session | The yt-remote-session-app cookie is used by YouTube to store user preferences and information about the interface of the embedded YouTube video player. |
yt-remote-session-name | session | The yt-remote-session-name cookie is used by YouTube to store the user's video player preferences using embedded YouTube video. |
ytidb::LAST_RESULT_ENTRY_KEY | never | The cookie ytidb::LAST_RESULT_ENTRY_KEY is used by YouTube to store the last search result entry that was clicked by the user. This information is used to improve the user experience by providing more relevant search results in the future. |