|
|
|
|
|
|
by raverbashing
627 days ago
|
|
|
Correct. If 23&M sells their services in the EU (and you bought the service while in the EU) then GDPR would apply But if you just walk into a pharmacy in the US and send your sample from there GDPR has nothing to do with it |
|
|
The only way to service EU customers is when we assume entering data on an US website is not exporting data from the EU to the US by the US company. Just like when I go into a Walgreen in NYC as an EU citizen.
For the last decade US and EU companies have ignored the fact that it is/was mostly illegal do transfer EU citizen data to the US (it is currently legal but will be illegal again) - also every EU company that exports data to the US (e.g. by using Mailchimp) needs to guarantee the safety of the data by auditing Mailchimp, no one does and there have been no fine for now, but I assume there will in the future.
See the discussions around
https://en.wikipedia.org/wiki/EU%E2%80%93US_Data_Privacy_Fra...
"The EU parliament raised substantial doubts that the new agreement reached by Ursula von der Leyen is actually conform with EU laws, as it still does not sufficiently protect EU citizens from US mass surveillance and severely fails to enforce basic human digital rights in the EU. In May 2023 a resolution on this matter passed the EU parliament with 306 votes in favor and only 27 against, but so far has stayed without consequences."