UK Data Protection Representative Program
A simple, professional, and cost-effective way to satisfy the requirements of Article 27 of the General Data Protection Regulation of the United Kingdom (UK GDPR).
How can VeraSafe help?
VeraSafe has served as a data protection representative for hundreds of clients since the advent of the EU's General Data Protection Regulation and as a UK representative since Brexit. Our experienced attorneys are well versed in the intricacies of the UK GDPR, which is why several of the largest law firms in the world refer their clients to VeraSafe for representative services.
As part of your enrollment, VeraSafe will:
-
Act as your official data protection representative in the UK;
-
Guide you on how to properly publish our contact details in your privacy notice;
-
Serve as a point of contact for regulators and data subjects on issues related to personal data processing;
-
Receive communications from the Information Commissioner's Office (ICO) and data subjects and relay them back to your organization;
-
Provide your organization a website trust seal that visitors can click to verify your participation in the program.
Click to view verification page example
Do I need a UK Data Protection Representative?
-
Is your company located outside of the UK with no physical presence there?
-
Does your company process personal data in the course of offering goods or services to individuals in the UK or monitor* the behavior of individuals in the UK?
If you answered “Yes” to both questions, then you must** appoint a Data Protection Representative under the requirements of Article 27 of the UK GDPR.
*All forms of online tracking and profiling fall within the scope of "monitoring," including tracking cookies.
**There are some exceptions. Please schedule a free consultation if you require assistance evaluating your position.
| Gross Global Revenue (USD) | Enrollment Fee |
|---|---|
| $0 to $25 million | $1,200/year |
| Over $25 million to $50 million | $2,700/year |
| Over $50 million to $100 million | $4,050/year |
| Over $100 million to $500 million | $5,400/year |
| Over $500 million | Request custom quote. |
Program Pricing
Our professional, cost-effective program is billed annually and provides coverage for a single entity. Fees are tiered and based on your organization's annual gross global revenue in USD.
If you need coverage for multiple entities or would like to add representative services for the EU, please request a custom quote.
Why Choose VeraSafe?
Experienced Team
Our more than 45 team members include American and European attorneys, privacy professionals, and IT security experts with in-depth knowledge of global privacy regulations. Our ranks include former regulators and Vault Law 100 attorneys, Certified Information Privacy Professionals (CIPP), Certified Information Systems Auditors (CISA), and alumni of Big 4 professional service firms.
Compliance Consulting
VeraSafe offers comprehensive consulting services to help you understand and implement the requirements of the UK GDPR. In addition, we can provide guidance on other applicable regulations. From privacy and cybersecurity to AI governance, VeraSafe can serve as your trusted partner for achieving and maintaining multi-jurisdictional compliance.
Proven Track Record
Founded in 2010, VeraSafe is the largest firm in the U.S. dedicated exclusively to privacy, data protection, and digital law. We have served as an official representative for clients since the advent of the EU’s General Data Protection Regulation and in the UK since Brexit.
Trusted by
Fortune Global 10
Companies of all sizes trust VeraSafe's compliance solutions, including those among the top five largest companies in the world.
Frequently Asked Questions
What is the role of a UK data protection representative?
The UK data protection representative serves as a point of contact for organizations outside the UK that process the personal data of individuals in the UK. They facilitate communication between the organization, UK data subjects, and data protection authorities, and assist in addressing data protection inquiries and concerns within the UK.
What is included in the enrollment fee?
The enrollment fee establishes VeraSafe as your official data protection representative in the UK. We will receive legal documents and data subject access requests (DSARs) on behalf of your organization and quickly relay all correspondence to you. We will also help ensure that your organization complies with regulatory notification timelines established under data protection and privacy law in the UK.
How long does enrollment take?
VeraSafe can have your program in place in as little as one business day. Click enroll now to get started and our team will send you enrollment paperwork via email. Once your paperwork is signed, we'll introduce you to the program and guide you through any remaining steps.
Where is VeraSafe's program based?
VeraSafe can serve as your organization's UK Data Protection Representative through our establishment in London.
Will VeraSafe respond to inquiries on my behalf?
Generally, no. VeraSafe will receive and relay communications from regulators and data subjects back to you. In the event that we reasonably believe that VeraSafe is required by law to respond to an inquiry, we will notify you of the circumstances and respond in order to satisfy the legal obligation.
What communication options are included in the program?
Regulators and data subjects will be able to contact VeraSafe via a web form, phone number, and mailing address. These details, along with instructions on where to publish them, will be provided to you after your enrollment.
Does VeraSafe offer EU representative services?
Yes. VeraSafe can also serve as your EU data protection representative. This is a separate service that can be bundled with our UK representative program. Please request a custom quote to get started with both programs.
Does this program fulfill the requirement to appoint a DPO?
No. While the roles of a Data Protection Representative and a Data Protection Officer (DPO) have some overlap, your enrollment in the UK Data Protection Representative Program does not satisfy the requirement to appoint a DPO. VeraSafe can be appointed as your DPO for a reasonable fee, which is separate from our Data Protection Representative Program.
Key Contacts
Jim Cormier, CIPP/E, CIPM, FIP
Sr. VP and Head of Professional Services
Kellie du Preez, CIPP/E
Partner
Karl Laureau, CIPP/E
Partner
Isabel Fernández Del Campo Aguiló, CIPP/E, CIPP/US, CIPM, CIPT
Senior Privacy Advisor
Comprehensive GDPR Solutions
GDPR compliance is a multifaceted journey and VeraSafe is here to guide you every step of the way. From records of processing to privacy policy optimization, incident response, and external data protection officer services, VeraSafe can serve as your trusted partner for achieving and maintaining GDPR compliance.
Book a free consultation to learn more.