Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If the company doesn't do any business in Europe it has no users in Europe, therefore it doesn't have to comply with the GDRP at all.


GDPR is extra-territorial and its rights apply to EU citizens wherever they are in the world

if a EU user is in the US ON HOLIDAY! and they're using your service, you're subject to the GDPR

(in theory)


No. GDPR isn't tied to citizenship. EU citizens & residents are not covered by GDPR when they are outside of EU unless member state's law applies by virtue of public international law (https://gdpr-info.eu/art-3-gdpr/).

A bit more unclear situation is if non-resident is visiting EU and uses services from their home country.


like most EU law it's badly written, but it states "to such data subjects in the Union"

given "within the Union" is used separately in the next sub-article to mean physically located within, it's arguable that "in the Union" could mean citizen of




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: