3rd, a controller or processor not established inside the EU will likely be issue towards the GDPR if it procedures the non-public knowledge of information topics within the EU and that processing is relevant to the “checking” during the EU in the “habits” of information topics as their behavior normally https://cyber-security-consulting-in-usa.mystrikingly.com/blog/nathan-labs-advisory-premier-cyber-security-services-and-information