Third, a controller or processor not proven while in the EU are going to be topic to your GDPR if it processes the personal info of knowledge topics within the EU Which processing is related to the “checking” during the EU on the “actions” of data topics as their conduct https://mediasocially.com/story2919486/cyber-security-consulting-in-saudi-arabia