(80) When a controller or processor without an organizational unit in the Union processes personal data of data subjects located in the Union, and its processing activities involve offering goods or services to such persons in the Union (whether or not it requires payment from such persons) or monitoring their behavior (if in the Union), such controller or processor should appoint a representative, unless the processing is occasional, does not involve - on a large scale - the processing of special categories of personal data, or the processing of personal data relating to criminal convictions and violations of the law, and is unlikely by its nature, context, scope and purposes to give rise to a risk of violation of the rights or freedoms of natural persons, or if the controller is a public authority or entity. The representative should act on behalf of the controller or processor and may be the addressee of possible actions by the supervisory authority. The controller or processor should clearly designate a representative by means of a written authorization to act on its behalf with respect to the controller's or processor's obligations under this Regulation. The designation of a representative shall not affect the obligations or legal liability of the controller or processor under this Regulation. The representative shall perform his/her tasks in accordance with the authorization received from the controller or processor, including cooperating with the competent supervisory authorities with respect to any activities to ensure compliance with this Regulation. If it is not complied with by the controller or processor, the designated representative should be subject to enforcement action.