Third, a controller or processor not set up in the EU might be topic to the GDPR if it processes the non-public info of knowledge subjects from the EU and that processing is relevant to the “monitoring” while in the EU of the “conduct” of knowledge topics as their behavior https://bookmarkloves.com/story19609288/cybersecurity-consulting-services-in-saudi-arabia