Third, a controller or processor not recognized inside the EU will likely be subject to your GDPR if it procedures the private knowledge of knowledge topics while in the EU and that processing is connected with the “monitoring” during the EU in the “actions” of knowledge subjects as their behavior https://baidubookmark.com/story17561592/cyber-security-services-in-usa