Third, a controller or processor not established within the EU will probably be subject into the GDPR if it processes the personal info of knowledge subjects while in the EU and that processing is related to the “monitoring” inside the EU on the “actions” of information subjects as their conduct https://geniusbookmarks.com/story17664376/cyber-security-services-in-saudi-arabia
