3rd, A controller or processor not established while in the EU will likely be subject to your GDPR if it processes the non-public knowledge of data subjects during the EU and that processing is associated with the “monitoring” during the EU with the “actions” of data subjects as their conduct https://ilovebookmarking.com/story17667426/cyber-security-consulting-in-saudi-arabia