This law is also applicable to companies that do not have a business presence within the European Union but handle EU residents' data.
Great article, covers the topic nicely. However, the myth that the GDPR applies to the world needs to be squashed. The GDPR ONLY applies to companies with a physical presence in EU. The EU has no authority to apply laws to those outside their own borders.
As an operator of a website, you are only subject to the laws of your physical location and, perhaps, the laws of the jurisdiction where your site is physically hosted. It doesn't matter if the visitor is resides in the EU, if you and your site host aren't in the EU, then you aren't subject to the EU or any of their laws, including the GDPR.
Think of it this way. If the EU declared that the max speed limit was 5kph, would you have to drive slower tomorrow? If you aren't in the EU, then the answer is obviously, no, you would continue to drive whatever speed is allowed in your nation.
Ok, instead, say the EU declared that the max speed limit was 5kph for any car that has an EU citizen in it, even for cars outside the EU. Would you have to drive slower tomorrow if happen to be giving a ride to a friend from Brussels? Again, the obvious answer is, no, because your laws don't travel with you, you are subject to the laws of where you are.
Why would it be any different for the GDPR? The answer is that it isn't different. EU laws only apply to those in the EU, because that is how laws, nations, and sovereignty work.
Respecting the privacy of users is important, but don't be fooled by the presumptuous and overly broad claims of the GDPR.
Great article, covers the topic nicely. However, the myth that the GDPR applies to the world needs to be squashed. The GDPR ONLY applies to companies with a physical presence in EU. The EU has no authority to apply laws to those outside their own borders.
As an operator of a website, you are only subject to the laws of your physical location and, perhaps, the laws of the jurisdiction where your site is physically hosted. It doesn't matter if the visitor is resides in the EU, if you and your site host aren't in the EU, then you aren't subject to the EU or any of their laws, including the GDPR.
Think of it this way. If the EU declared that the max speed limit was 5kph, would you have to drive slower tomorrow? If you aren't in the EU, then the answer is obviously, no, you would continue to drive whatever speed is allowed in your nation.
Ok, instead, say the EU declared that the max speed limit was 5kph for any car that has an EU citizen in it, even for cars outside the EU. Would you have to drive slower tomorrow if happen to be giving a ride to a friend from Brussels? Again, the obvious answer is, no, because your laws don't travel with you, you are subject to the laws of where you are.
Why would it be any different for the GDPR? The answer is that it isn't different. EU laws only apply to those in the EU, because that is how laws, nations, and sovereignty work.
Respecting the privacy of users is important, but don't be fooled by the presumptuous and overly broad claims of the GDPR.
Oh I see. Thanks I understand the point better now. I will update the article :)