That psuedocode is inaccurate - if a company (including its parent's subsidiaries) is not in the EU and does not provide services to companies which operate in the EU, then the GDPR has no inherent jurisdiction.
From my understanding it is correct. It applies to companies outside the EU if they collect data about people inside the EU. If this is enforceable is another question.
> This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to:
the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union; or
the monitoring of their behaviour as far as their behaviour takes place within the Union.
> This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to: the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union; or the monitoring of their behaviour as far as their behaviour takes place within the Union.