Many companies working outside of the EU believe that they are not concerned with GDPR because they are not located in the EU.
However, despite its location or place of incorporation, any company which processes and stores the personal data of people residing in the EU will be obliged to comply with the GDPR.
Here is a checklist of specific criteria for companies required to comply with the GDPR:
- The company is present in the EU;
- The company isn’t present in the EU, but it processes personal data of European residents;
- The company has more than 250 employees;
- The company has less than 250 employees, but it involves non-occasional data-processing which impacts the rights and freedoms of data subjects.