[Tharkun]

What are you basing that last paragraph on? It's my website, I'll damn well deny access to anyone I please.

[mattmanser]

Perhaps you should read the parable of King Canute?

Here's roughly what you must comply by, if you're not blocking the whole of the EU.

https://ico.org.uk/for-organisations/guide-to-the-general-da...

[ithkuil]

I'm not sure I understand what this means:

> Avoid making consent to processing a precondition of a service.

Does it mean I have to ensure my users can use the service even if I'm not allowed to "process" their data? I assume this must mean "processing" data for reasons not directly connected to the actual service. (E.g. using the data to gather business intelligence or sell it to third parties)

[jacquesm]

It's your website but they are not your users. You can deny access to anyone you please but for those that you do allow access you're going to have to abide by the law.

[TeMPOraL]

> What are you basing that last paragraph on? It's my website, I'll damn well deny access to anyone I please.

If you collect and process PIIs of EU citizens, the EU will do whatever it goddamn likes with you, which currently means some pretty high fines.

[ryanwaggoner]

Only if they can enforce and collect them. I’m extremely skeptical that they can do so for companies with no ties to the EU. I suspect other countries will take a dim view of the EU attacking their sovereignty like that, and will probably just ignore it.