[rvnx]

Infuriating. If you are based in Europe you can invoke Article 22 of the GDPR and get support of your local data protection inspectorate: "The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her."

There is perhaps the same in other juridictions (like California).

[hsbauauvhabzb]

Do you have to live in Europe, or could I travel there temporarily to engage the act (or even just pay a lawyer there on my behalf).

[blip54321]

GDPR applies to residents of Europe.

That said, I've never had a problem using it from the US.

[Gigachad]

I think it was never clear if residents of EU included people with citizenships but are currently located outside. So it would be safest to honour all requests rather than risk it.

[em-bee]

even if you live outside of your country, you typically still are considered a resident of the country of citizenship, because to declare you a non-resident someone would have to prove that you aren't still registed as resident or don't don't have a home there any more and are not going to go back any time soon, which you could do any day.

[blip54321]

This is incorrect.

There are complex laws governing residency which vary country-by-country. It's not atypical that, for example, if you spend 183 days in a year somewhere else, you're no longer a resident.

You're generally only a resident in one country. This governs taxation -- taxes are primarily based on residency, with some caveats. As a US citizen living in the EU, you will not pay the same US taxes as you would if you were living in the US, and in many cases, zero taxes.

[em-bee]

but that's why i said typically.

to change your status of residency, proof would be required.

and it depends who is asking. maybe i don't pay taxes as a resident, but for visa purposes i may still count as resident in my home country.

this is relevant now as china allows people only to enter by direct flight from their home country or country of residence. this is really messing with people who have their family in a third country. they have to make a detour to their home country if they don't have a residency visa for their family's country.

also if i go travelling for a year, i don't loose my residency status unless i stay somewhere long enough to establish residency there. that is, if i have a visa that allows that.

[blip54321]

GDPR is very clear -- EU citizens living outside the EU are NOT covered. US citizens living in EU are covered. That's not uncommon for laws; I don't get a ticket for breaking US traffic laws in the EU, or vice-versa. Very few laws reach across borders like that (taxes, some forms of child abuse, some forms of bribery, child support, arms trafficking, some types of military service, espionage, etc.).

However, as the other poster pointed out, from the perspective of a tech vendor, understanding the difference between:

- EU resident

- EU resident using a VPN in the US

- EU resident traveling in the US

- EU non-resident living in the US

For each request which comes in is practically intractable.

GDPR is also framed as a basic, universal human rights law. That also can have unintended tentacles. If you don't want a liability hole, it makes sense to honor GDPR for everyone, in practice (even if not under your ToS).

Practically, that's what everyone does. I've never had a GDPR request declined on the basis of residency (the last qualification being important).

[znpy]

Gdpr is a blessing, honestly.