Yes, the GDPR applies to non-EU data subjects. The GDPR applies to data subjects in the European Economic Area (EEA), which includes member states of the EU, as well as Norway, Lichtenstein, and Iceland.
Websites that collect personal information from data subjects in the EEA are subject to comply with the GDPR.
The GDPR is one of the strictest and broadest privacy laws in place. To avoid hefty fines, make sure that you understand the requirements for GDPR compliance.
Trusted by thousands of companies worldwide, Termly’s intuitive software generates legal policies and handles consent management for any business in minutes.
Termly allows our users to focus more on their business instead of spending countless hours figuring out data privacy compliance. - Jona, Senior Product Manager @ Termly