Territorial scope
- This Regulation applies to the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not.
- This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to:
|
(a) |
the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union; or |
|
(b) |
the monitoring of their behaviour as far as their behaviour takes place within the Union. |
- This Regulation applies to the processing of personal data by a controller not established in the Union, but in a place where Member State law applies by virtue of public international law.