FAQ
With respect to the services they should choose, do they need the combination of both EU and UK services, or are EU services alone sufficient? Context: They have opted for GDPR and not UK GDPR.

If your business plans to serve customers in both the European Union (EU) and the United Kingdom (UK), you need to understand the difference between the EU GDPR and the UK GDPR.

After the UK left the EU, it retained its own version of the GDPR, referred to as the UK GDPR, which works in parallel with the Data Protection Act 2018. This means that if a firm intends to operate in both regions, it should satisfy both pieces of legislation.

In essence, this means that if your company is only dealing with customers within the EU, then focusing solely on EU GDPR compliance may suffice. 

However, if your company is planning to expand its customer base to include individuals in the UK, you’ll need to ensure compliance with the UK GDPR as well. This is because the EU GDPR and the UK GDPR, while similar in many respects, are different legal frameworks and non-compliance with either can result in significant penalties.

Do businesses need different representatives in both the EU and the UK?

Yes, your company will be required to have a representative in both jurisdictions if it is going to have customers residing in both the EU and the UK. This is important in keeping your company compliant with the two sets of GDPR requirements. It also facilitates smooth communication with data protection authorities and data subjects in these two regions.

Fortunately, many firms that offer GDPR representation services are equipped to handle both EU and UK GDPR compliance. Opting for a service provider that can represent your company in both regions is often the most efficient approach. 

This not only simplifies your compliance efforts but also ensures that all your legal obligations under both the EU GDPR and UK GDPR are met without unnecessary duplication of effort.
