[MobileVet]

> What not everyone knows is that those sites are mirrored over to the WordPress.com infrastructure, including WooCommerce customer data and purchase histories — and that infrastructure is as far as I understand the GDPR — not compatible with European privacy regulations

Yikes. Not surprising in this age of data hoovering, but definitely sketchy and likely illegal in the EU. I guess it follows the other point about Automattic ignoring laws outside of the US

[soco]

I might be wrong but the impression is that every US company tries the same, with different rates of success, And I don't only mean SaaS companies, or even IT. And I also don't mean unknowingly, but actively trying to impose their usual ways.

[aldavigdis]

I still find it confusing that you can both claim to be GDPR compliant and also that only US law apply to your operations. Automattic was also claiming compliance via the EU-US Privacy Shield which had already been made invalid by the European Court of Justice for a while.