3rd, a controller or processor not set up during the EU is going to be matter on the GDPR if it procedures the personal info of knowledge topics inside the EU Which processing is connected with the “monitoring” inside the EU on the “conduct” of information subjects as their behavior https://cybersecuritycertificatesaudiarabia.blogspot.com/