Home KnowledgeBase Getting your head around GDPR I thought GDPR was just for EU countries. Why is Weirdly affected?

Any company that stores or processes personal information about EU citizens within EU states must comply with the GDPR, even if their business isn’t based in the EU. To get really specific, that means any company who has: A presence in an EU country. No presence in the EU, but processes the personal data of European residents. (That’s us) More than 250 employees. Fewer than 250 employees but does data-processing that impacts the rights and freedoms of data subjects, is not occasional, or includes certain types of sensitive personal data. (That effectively covers all companies and if we weren’t already included under option 2)