3rd, A controller or processor not recognized from the EU is going to be subject to your GDPR if it processes the private info of information topics during the EU and that processing is related to the “checking” within the EU of your “conduct” of knowledge topics as their behavior https://cruxbookmarks.com/story17701171/cyber-security-services-in-usa