If they only sold their products in Switzerland, sure. But once they operate in EU countries, they must respect EU laws (for those costumers, at least).
Switzerland is part of the EU Internal Market through the EEA though and therefore has to implement many laws like this. It just doesn't have a say in them.
Switzerland isn't in the EEA either as they rejected EEA membership in a vote in '92.
Instead they have a weird patchwork of bilateral treaties that are designed to look pretty much like EEA membership if you squint just right, and look like just bilateral treaties in separate areas if you squint a bit differently. They're linked, and at least the first seven have a "guillotine clause" so they all cease to apply if one of them is canceled, so in practice Switzerland is practically like an EEA member, but they get to pretend it's all very different.
There are some clear differences, though, and there have been years of negotiations trying to reduce them without success.
I don't know what point you are trying to make with your snark, but bilateral treaties are much easier to alter or cancel if one party so desires, and public opinion in Switzerland is that they were definitely the right choice and the way to go forward. They are actively being negotiated.
The point is that it was constructed largely as a convenient a fiction intended to mollify the Swiss electorate after they voted no to the EEA, as the bulk of the "separate" bilateral treaties can't be separated, altered or cancelled without all of them being canceled by the guillotine clause, as Switzerland has already found out once, so there is no difference in the difficulty of cancellations, for example - you cancel one thing, and everything unravels in either case.
They are actively being negotiated because both Switzerland and the EU have realised there's a need to reform the original treaties, and the EU for a decade now have insisted that anything replacing them need to be closer to the EEA agreement, while having made clear they're not doing this crazy thing again for anyone else.
Well, judging by how incredibly many EU citizens emigrate to Switzerland, which is directly caused by the bilateral treaties, there's certainly interest from both parties to negotiate. Switzerland also pays raw cash to the EU as part of the deal.
I'm not sure how long the EU can afford to further alienate countries that pay net positive into it's wallet, after losing the UK and the continuing rise of euroscepticism.
Switzerland's a bit of an oddity; it's actually not in the EEA, but in EFTA. It's not subject to the ECJ, but to EFTA Court (which is definitely not the ECJ wearing false moustaches). And it's not subject to the GDPR, but it has a law aligned to the GDPR.
EDIT: No, I'm wrong; while EFTA Court used to be based in Switzerland, Switzerland is no longer subject to it. It still exists, but only for EFTA members who are also EEA members. This whole thing is impossible to keep track of.
I think the idea is that the GDPR requires that companies allow users to delete or correct data about them.
And the GDPR scope is determined by the user, not the company. You can have your company based on the far side of the moon, with 99.99% of your users based on mars. For that one user that is living in Europe (note : living, not nationality) the GDPR applies.
Mind you, I'm not sure that the GDPR says that you can't charge for that. As long as you can justify that the amount is in relation to your expenses, my bet would be that a judge will allow it.
You can break a country’s laws depending on whether or not you are ever going to go to that country, or what treaties your country has signed which might cause it to enforce other countries’ laws.
These GDPR conversations tend to pointlessly go back and forth on this because one side is describing the GDPR from the point of view of: what does the law say? The other is looking at it from the point of view of: I only have to follow my country’s laws.
The latter is closer to correct in some technical sense; laws have finite jurisdictions. But the EU has a big market and so lots of entities play ball with them, to some extent, in general, so it is probably better for most people to comply.
No if you operate in the EU you have to comply that's it. If you buy something from Joe the farmer in PA, you are the one importing it (you are paying the custom duties) and Joe the farmer doesn't have to comply with anything related to GDPR. If Joe the farmer wants to sell directly its product in the EU (not from the US) then he has to comply.
Well, there can be administrative fees. It is a right, but that does not imply that it is cost-free. As a EU citizen you have the right to settle in france, but the registration process in the village you need to pay.
This is a sever breach of GDPR, so is their practice to use the information you give them when ordering for other things then processing your order without an explicit non required opt-in on your part.
Furthermore in the past when GDPR was new, judges where often quite lenient when it came to enforcement of first offenders but that is increasingly less the case. And which such bland consumer abusive business practices they might be in for a really bad awakening (if they sell to the EU).
Additionally given all that I wouldn't be surprised if their website is also committing GDPR violations.
Also even if they have free GDPR deletion "hidden somewhere" that still would be a violation of GDPR as it has been clarified by judges in other cases (related to information requests instead of deletion).
IANAL, but I don't see any requirement of it having to be "free". I probably miss something. And It would seem very much against the spirit, but is a company really not allowed to charge fees for "deleting"?
