Third, a controller or processor not founded from the EU will probably be topic to the GDPR if it processes the non-public information of information subjects during the EU and that processing is connected with the “monitoring” while in the EU with the “conduct” of data subjects as their conduct https://bookmark-vip.com/story17725002/cyber-security-services-in-usa