Third, a controller or processor not recognized inside the EU will be subject towards the GDPR if it procedures the private info of information subjects while in the EU and that processing is linked to the “monitoring” while in the EU of the “conduct” of information topics as their conduct https://justpaste.it/dampt