3rd, A controller or processor not set up during the EU is going to be subject matter into the GDPR if it procedures the personal info of data topics in the EU and that processing is related to the “monitoring” from the EU in the “habits” of data subjects as https://hubwebsites.com/story18929292/cyber-security-consulting-in-usa