Leo offers EU Representative services to non-EEA and non-UK firms as required by Article 27 of the GDPR, in a convenient and efficient manner, enabling you to do business with European residents from any location in the world.
Leverage Leo’s experience of working with organisations in the e-commerce and financial sector, and Leo’s expertise in creating privacy compliance tools by adding Leo’s GDPR Governance Solution to comprehensively meet your GDPR obligations.
Do I need an EU and/or UK Representative according to Article 27 of the GDPR?
Firms based outside the EEA and/or the UK without an establishment in the EEA and/or the UK but offering services to individuals in the EEA and/or the UK (e.g. provision of a website in an EU language) or monitoring behaviour (e.g. cookie profiling), need to appoint a Representative in the EEA and/or the UK according to Article 27 of the GDPR.
Why should I care about a European regulation as a non-European company?
The GDPR extends its territorial scope beyond the territory of the EEA and of the UK and
therefore can be enforced on firms outside of Europe with potential fines of EUR 20 million or 4% of turnover whichever is greater.
Are there any Exemptions to Article 27?
Controllers and processors are exempt from the requirement to have a representative if all of the following criteria are met:
© 2025 LEO. ALL RIGHTS RESERVED
