|
|
|
|
|
|
by PeterisP
2314 days ago
|
|
|
There's a big difference whether the company is in EU or not. If your company is in EU, then according to Article 3.1 the GDPR applies to all your procesing of personal data, period - with no exceptions depending on citizenship. So if you're a DPO in a EU company, then that's what's true for you, you definitely have to apply GDPR protections to EU citizens (and also noncitizens) wherever they are. If your company is not in EU, then according to Article 3.2. the GDPR applies only to people located in the EU - "This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union"; no qualification on citizenship, but a qualification based on location. |
|
|