Skip to content
Skip to content
ewpirecom

Client Data-Protection Registration Duties

For ewpire subscribers acting as data controllers – effective April 22, 2026

Why this page exists

ewpire acts as a data processorfor the personal data you run through the Service. Under GDPR Article 4(8), you – as the subscribing business or individual – are the data controller.

That controller role may come with its own registration or notification duties toward a data-protection supervisory authority in your jurisdiction. ewpire does not advise on, file, or pay for those registrations. This page explains what those duties might look like and where to find the right authority for your country.

Jurisdiction examples

United Kingdom

Most UK organisations that process personal data must pay a data protection feeto the Information Commissioner's Office (ICO) and register as a data controller. The fee is set under the Data Protection (Charges and Information) Regulations 2018 and ranges from £40 to £2,900 per year depending on turnover and headcount.

  • Micro organisations / sole traders: £40/year (Tier 1)
  • Small/medium organisations: £60/year (Tier 2)
  • Large organisations / public authorities: £2,900/year (Tier 3)

Register and pay at: ico.org.uk/for-organisations/register

Poland

Controllers processing personal data in Poland must comply with GDPR directly without a separate registration fee, but certain categories of controllers (e.g. those processing sensitive data or conducting large-scale monitoring) must consult the Urzád Ochrony Danych Osobowych (UODO). Contact and guidance: uodo.gov.pl

Bulgaria

Controllers established or processing data in Bulgaria must register with the Commission for Personal Data Protection (CPDP) if they fall under the scope of the Bulgarian Personal Data Protection Act. Registration and guidance: cpdp.bg

Germany

Germany has both a federal authority (the Bundesbeauftragte für den Datenschutz und die Informationsfreiheit, BfDI) and sixteen state-level authorities (Datenschutzbehörden). Federal public authorities report to the BfDI; private companies in each federal state report to that state's authority (e.g. BayLDA in Bavaria, LfDI in Baden-Württemberg).

No general registration fee applies in Germany under GDPR, but companies with certain risk profiles must appoint a Data Protection Officer (DPO). Contact your relevant state authority for guidance.

Other EU/EEA jurisdictions

GDPR does not require a general registration of all controllers across the EU. However, individual member states may impose additional notification, DPO appointment, or impact assessment requirements. Consult your national supervisory authority – a full list is maintained by the European Data Protection Board at edpb.europa.eu.

United States

There is no single federal data-controller registration in the US. However, if you process personal data of California residents, the CCPA/CPRA may impose obligations. If you operate in the healthcare sector, HIPAA applies. If your business involves financial data, GLBA may apply. Consult counsel qualified in the relevant state and federal laws.

What ewpire does and does not do

  • ewpire does operate as your data processor, bound by the Data Processing Agreement at ewpire.com/dpa.
  • ewpire does maintain its own registration as a data controller with the Estonian Data Protection Inspectorate (AKI) for its own data-processing activities.
  • ewpire does not register on your behalf with any supervisory authority.
  • ewpire does not advise you on whether, where, or how to register.
  • ewpire does not accept liability for your failure to register where required.

Next steps

Before deploying your ewpire AI employees to process personal data, we recommend you:

  1. Identify the country (or countries) in which you are established and in which you process personal data.
  2. Contact the relevant supervisory authority or a qualified local legal adviser.
  3. Complete any required registration, fee payment, or notification.
  4. Review our Data Processing Agreement and, if your organisation requires it, request a counter-signed copy from [email protected].

Contact

Questions about data-protection compliance at ewpire: [email protected]

LeMans Labs OÜ · Valukoja 8/1, 11415 Tallinn, Estonia