Content deleted Content added
m →Enforcement and inconsistency: fix common MOS:REFSPACE spacing errors, replaced: . <ref → .<ref (2) |
|||
Line 224:
== Applicability outside of the European Union ==
The GDPR also applies to data controllers and processors outside of the [[European Economic Area]] (EEA) if they are engaged in the "offering of goods or services" (regardless of whether a payment is required) to data subjects within the EEA, or are monitoring the behaviour of data subjects within the EEA (Article 3(2)). The regulation applies regardless of where the processing takes place.<ref>{{Cite web|url=https://www.fasken.com/en/knowledge/2019/11/the-extra-territorial-scope-of-the-gdpr/|title=The (Extra) Territorial Scope of the GDPR: The Right to Be Forgotten|website=Fasken.com|date=28 November 2019 |language=en|access-date=21 February 2020|archive-date=21 February 2020|archive-url=https://web.archive.org/web/20200221171716/https://www.fasken.com/en/knowledge/2019/11/the-extra-territorial-scope-of-the-gdpr/|url-status=live}}</ref> This has been interpreted as intentionally giving GDPR [[extraterritorial jurisdiction]] for non-EU establishments if they are doing business with people located in the EU. It is questionable whether the EU or its member states will in practice be able to enforce GDPR against organisations which have no establishment in the EU.<ref>{{Cite web|url=https://www.americanbar.org/groups/business_law/publications/blt/2018/04/01_speirs/|title=Extraterritorial Scope of GDPR: Do Businesses Outside the EU Need to Comply?|publisher=American Bar Association|language=en|access-date=21 February 2020|archive-date=21 February 2020|archive-url=https://web.archive.org/web/20200221171715/https://www.americanbar.org/groups/business_law/publications/blt/2018/04/01_speirs/|url-status=dead}}</ref>
=== EU Representative ===
| |||