3rd, A controller or processor not set up within the EU are going to be subject to your GDPR if it processes the private knowledge of information subjects from the EU Which processing is connected to the “monitoring” inside the EU of your “actions” of data subjects as their actions https://trackbookmark.com/story19037463/cyber-security-services-in-usa