3rd, a controller or processor not established in the EU is going to be subject matter to the GDPR if it processes the private facts of knowledge topics from the EU Which processing is linked to the “checking” inside the EU with the “actions” of information topics as their behavior https://reallivesocial.com/story3096762/cyber-security-services-in-saudi-arabia