"If the Data Subject, moves out of the EU border [...], or goes on holiday then their personal data processed under these circumstances is not covered by the GDPR and they are no longer a Data Subject in the context of the GDPR, unless the organisation is “established” in the EU"
I'm sure that's what the policy makers originally wanted (protecting the rights of all EU citizens). That being said, it would be nigh-on-impossible to implement.
Websites would run into the same situation as banks: anytime you open an account at most banks in Europe and probably around the world, they specifically make sure that you're not American, because then they have to comply with American laws if they don't want to get blacklisted.
"If the Data Subject, moves out of the EU border [...], or goes on holiday then their personal data processed under these circumstances is not covered by the GDPR and they are no longer a Data Subject in the context of the GDPR, unless the organisation is “established” in the EU"
Source: https://cybercounsel.co.uk/data-subjects/