the data downloads i have done (that could be done by anyone with my unlocked phone and logins, such as US border forces) clearly do not even try to adhere to most of the clauses there (e.g. recipients of the data). tech companies dont try to apply GDPR outside of EU, but they are generally happy to give information to the police in all countries except china. i wonder if the chinese can download their data?