3rd, a controller or processor not established in the EU will probably be issue to the GDPR if it procedures the personal details of knowledge subjects during the EU and that processing is connected to the “monitoring” while in the EU from the “conduct” of knowledge topics as their actions https://socials360.com/story7889344/cyber-security-consulting-in-usa