Third, a controller or processor not proven in the EU will be topic towards the GDPR if it processes the non-public information of data subjects from the EU Which processing is related to the “monitoring” while in the EU from the “actions” of information subjects as their actions normally takes https://bookmarkinglog.com/story17652199/cyber-security-services-in-usa