Third, a controller or processor not recognized within the EU might be subject on the GDPR if it procedures the personal info of knowledge topics within the EU and that processing is relevant to the “monitoring” in the EU on the “actions” of data subjects as their behavior can take https://blockchaindevelopmentservicesusa.blogspot.com/2024/08/aramco-cyber-security-certificate-in.html
