Terms of Use for EU Representative Service
June 25, 2025
1. Parties
These Terms of Use (“Terms”) govern the EU Representative Service (“Service”) provided by DPO Europe GmbH, a company incorporated under German law with its principal office at Auguste-Viktoria-Allee 20A, 13403 Berlin, Germany (“we,” “us,” or “our”), to a non-EU company (“you” or “Client”) pursuant to Article 27 of the General Data Protection Regulation (GDPR).
2. Service Overview
The Service consists of:
- Acting as your EU Representative under Article 27 GDPR after successful qualification.
- Providing our company address and relevant contact information for inclusion in your public-facing Privacy Notice.
- Serving as a communication point with EU supervisory authorities and data subjects and offering other on-demand Active Mode Services when necessary (see Section 6).
3. Onboarding Audit (Required Paid Component)
To ensure that your organization meets the requirements necessary for us to serve as your EU Representative, you agree to undergo an Onboarding Audit prior to the start of representation.
📎 The Onboarding Audit is a mandatory, paid step and includes the submission of a questionnaire and relevant supporting documents.
📎 Payment for the Onboarding Audit must be completed via the payment system linked on our website prior to any review.
4. Audit Outcome Scenarios
Following the Onboarding Audit, there are three possible outcomes:
- Pass – Your company meets the requirements (e.g., maintains a valid RoPA, has a functioning data subject request process). → We will initiate the representation service at no further cost.
- Minor Deficiencies Identified – The Client’s practices are substantially compliant but contain minor deficiencies that do not prevent the initiation of the Service. In this case, we will provide written recommendations for improvement, and the Client may address these deficiencies without requiring a subsequent audit.
- Critical Gaps Identified – Your company lacks essential elements (e.g., no RoPA, no DSR handling process). → You must either:
- Remediate the identified deficiencies and undergo a second Onboarding Audit. A second audit will be offered at a 50% discount if undertaken within three (3) months of the initial audit’s conclusion, or
- Contract with our consulting department under a separate agreement to remediate the compliance gaps.
5. Scope and Limitations
📎 DPO Europe GmbH will not list your company as represented in the EU until the audit is successfully passed. The Client is also prohibited from listing DPO Europe GmbH as its EU Representative until receiving written confirmation of having successfully passed the audit.
📎 The initial Onboarding Audit fee is non-refundable regardless of the outcome.
📎 Representation services commence only after written confirmation from DPO Europe GmbH.
📎 We reserve the right to decline or terminate representation if critical compliance gaps are not addressed.
6. Active Mode Services (On-Demand)
Once your company is listed as being represented by us in the EU, we may, upon request or in response to legal/regulatory contact, provide Active Mode Services. These are billed separately on an hourly basis and may include:
- Communicating with EU data subjects, auditors, and supervisory authorities.
- Updating the Record of Processing Activities (RoPA) and other documentation maintained by the EU representative.
- Translating or interpreting official communications or submissions.
Active Mode rate: €200/hour (billed monthly with time logs upon request).
The performance of any Active Mode Service is contingent upon the Client’s prior authorization and acceptance of the associated costs.
7. Additional Services
If the audit reveals that your company requires additional documents or processes (such as RoPA creation, DPO-as-a-service, DPIA, LIA, AI impact assessments etc.), we may offer these services under a separate agreement.
8. Changes to These Terms
We reserve the right to amend these Terms at any time. Updates will be published on our website and, when applicable, communicated directly to current clients.
9. Governing Law and Jurisdiction
These Terms shall be governed by the laws of Germany. Any disputes shall be subject to the exclusive jurisdiction of the courts of Berlin, Germany.
10. Contact Information
DPO Europe GmbH
Auguste-Viktoria-Allee 20A, 13403 Berlin, Germany
Email: [email protected]
Website: https://data-privacy-office.eu/
