Nowadays, the GDPR’s extraterritoriality (Article 3.2) and its related obligation to designate a representative in the EU (Article 27) are some of its best-known features. According to these, any entity without a European establishment but nevertheless subject to the GDPR must appoint a dedicated representative in the EU. The role and responsibilities of the latter...