3rd, a controller or processor not proven while in the EU will probably be subject matter towards the GDPR if it procedures the personal knowledge of knowledge subjects in the EU Which processing is linked to the “monitoring” inside the EU of the “conduct” of information topics as their actions https://bookmarklinkz.com/story17620891/cyber-security-consulting-in-usa
