[Mononokay]

They require every founder to come to the US and register as a US company. That's not particularly touching it.

[xg15]

Unless they IP ban the whole of the EU, they will still be subject to the GDPR once any EU citizen accesses their site. (Which, agreeing with AmericanChopper, is a purely theoretical thing - until the moment where YC wants to conduct any kind of business in the EU)

[icebraining]

Simply being accessible from the EU does not automatically mean the GDPR applies to a site. See Recital 23: https://gdpr-info.eu/recitals/no-23/

[xg15]

Ah, that's a fair point, I didn't see that.

[nl]

“Not touching the EU” is a meaningless phrase.

If they raise money from any limited partners in the EU it’s pretty easy to make a case they have an EU business. The physical location is irrelevant - that’s the whole point of the GDPR.