|
|
|
|
|
|
by blip54321
1496 days ago
|
|
|
GDPR is very clear -- EU citizens living outside the EU are NOT covered. US citizens living in EU are covered. That's not uncommon for laws; I don't get a ticket for breaking US traffic laws in the EU, or vice-versa. Very few laws reach across borders like that (taxes, some forms of child abuse, some forms of bribery, child support, arms trafficking, some types of military service, espionage, etc.). However, as the other poster pointed out, from the perspective of a tech vendor, understanding the difference between: - EU resident - EU resident using a VPN in the US - EU resident traveling in the US - EU non-resident living in the US For each request which comes in is practically intractable. GDPR is also framed as a basic, universal human rights law. That also can have unintended tentacles. If you don't want a liability hole, it makes sense to honor GDPR for everyone, in practice (even if not under your ToS). Practically, that's what everyone does. I've never had a GDPR request declined on the basis of residency (the last qualification being important). |
|
|