Third, a controller or processor not established during the EU will be subject to your GDPR if it procedures the private information of data subjects during the EU and that processing is linked to the “monitoring” in the EU of the “conduct” of information topics as their actions usually takes https://johsocial.com/story7913855/cyber-security-services-in-saudi-arabia