3rd, a controller or processor not set up during the EU might be subject to the GDPR if it processes the non-public details of knowledge subjects within the EU Which processing is relevant to the “checking” during the EU of the “behavior” of data topics as their actions takes place https://wildbookmarks.com/story17815240/cybersecurity-consulting-services-in-saudi-arabia