|
|
|
|
|
|
by downandout
2983 days ago
|
|
|
It's a massive document so I'm not going to go through and find it, but here's an interpretation of what I'm talking about [1]: "The reach of GDPR is broad but is not unlimited. The mere fact that a U.S.-based website can be accessed in the EEA isn’t enough. If the company does not have a physical presence in the EEA, it must be determined whether that company engages in more than incidental contact with EEA residents." So if someone is going out of their way to mask the fact that they are from the EU, and you aren't otherwise seeking out EU users, you're not going to get in trouble for that. One issue I have with it though is that translation may trigger GDPR exposure, and since Spain is part of the EU, many sites aimed at Spanish speakers (but not aimed at the EU) may have this beast of a law apply to them. I operate a few sites that have Spanish content, so that is deeply troubling. [1] https://www.gtlaw.com/en/insights/2018/2/the-gdpr-deadline-l... |
|
|