Hacker News new | ask | show | jobs
by Hanschri 1317 days ago
GDPR applies to individuals as well as companies if they provide services to customers within the EU/EEA[0], as long as they are either a data controller or data processor, which are explained better than I can in the source below[1].

If the business is based in the US, things get a bit more complicated due to the CLOUD Act[2].

[0]: https://ec.europa.eu/info/law/law-topic/data-protection/refo...

[1]: https://ec.europa.eu/info/law/law-topic/data-protection/refo...

[2]: https://complior.se/cloud-act-and-how-the-new-american-law-c...
1 comments
Msurrow 1317 days ago
It doesnt apply to individuals if it is not a business. See article 2, ยง2, litra c

https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELE...

link