3rd, a controller or processor not proven from the EU might be topic to your GDPR if it processes the non-public info of knowledge subjects inside the EU and that processing is connected to the “monitoring” while in the EU from the “behavior” of data subjects as their actions requires https://alphabookmarking.com/story17579520/cyber-security-consulting-in-usa