3rd, a controller or processor not founded inside the EU is going to be subject matter to the GDPR if it processes the private facts of data subjects while in the EU and that processing is linked to the “checking” in the EU of the “habits” of knowledge topics as https://reallivesocial.com/story3096762/cyber-security-services-in-saudi-arabia