3rd, a controller or processor not set up during the EU is going to be issue to your GDPR if it processes the personal info of information subjects during the EU Which processing is associated with the “monitoring” in the EU from the “actions” of information topics as their habits https://socialbuzzfeed.com/story3039944/cyber-security-consulting-in-usa