Third, a controller or processor not recognized from the EU are going to be topic to your GDPR if it procedures the non-public knowledge of information topics within the EU and that processing is connected to the “monitoring” within the EU of your “behavior” of information topics as their actions https://cybersecurityconsultinginusa.blogspot.com/