Third, a controller or processor not set up within the EU are going to be subject matter to your GDPR if it processes the non-public details of information topics while in the EU Which processing is relevant to the “monitoring” during the EU on the “behavior” of data subjects as https://moodjhomedia.com/story1925942/cyber-security-consulting-in-usa