Privacy Notice

2. Provides an outline of governance for a Representative (Art 27), Provides the outline of governance for a DPO. (Art 37-39)

Answers:

1. I think what you are looking for is the Privacy Notice that needs to be delivered to the data subjects when the data is not obtained form him/her. This is a requirements of EU GDPR article 14 “information to be provided where personal data have not been obtained from the data subject” https://advisera.com/eugdpracademy/gdpr/information-to-be-provided-where-personal-data-have-not-been-obtained-from-the-data-subject/
This can be achieved by using the “General Data Protection Notice” in folder 2 and adding another mention regarding the source where the personal data has obtained from.

2. The EU GDPR in article 27 “Representatives of controllers or processors not established in the Union” https://advisera.com/eugdpracademy/gdpr/representatives-of-controllers-or-processors-not-established-in-the-union/ requires that under certain circumstances controllers need to appoint a representative in the EU. The administrative appointment itself is subject to local jurisdiction of the place where the representative would be appointed so this is why there is no such template in the toolkit. However, references to the representative can be found in the General Data Protection Policy in folder 2 of our EU GDPR toolkit.
As regards to the DPO you can find a Data Protection Office task description in folder 2 of the EU GDPR implementation toolkit. You can also learn more about the duties of a DPO from our article “The role of the DPO in light of the General Data Protection Regulation” https://advisera.com/eugdpracademy/knowledgebase/the-role-of-the-dpo-in-light-of-the-general-data-protection-regulation/