• Rivalarrival@lemmy.today
    link
    fedilink
    English
    arrow-up
    9
    ·
    edit-2
    1 month ago

    Yeah, that’s how it was advertised, but that’s not really true.

    GDPR affects any company with assets accessible to EU regulators. It does not affect companies that have no business presence within the EU.

    A Chinese (Or Brazilian, or American, or any non-European) company that has no physical location or bank account in Europe is still accessible to European citizens. That company can still serve European customers. But European regulators have no means of enforcing the GDPR against that company; the European citizen is not protected by the GDPR from such a company.

    • MartianSands@sh.itjust.works
      link
      fedilink
      arrow-up
      6
      ·
      1 month ago

      Theoretically it also requires any company which is subject to GDPR not to send any data to third parties who aren’t, but I honestly don’t know how well enforced that is