3rd, a controller or processor not founded from the EU will probably be matter towards the GDPR if it procedures the private info of information topics from the EU and that processing is relevant to the “checking” during the EU in the “habits” of data topics as their conduct normally https://bookmarkoffire.com/story17605907/cyber-security-services-in-usa