European Data Protection Board (EDPB) publishes guidelines on territorial scope of GDPR
As is well known, the scope of the European General Data Protection Regulation (GDPR) extends far beyond the borders of the EU or the EEA. Therefore, the provisions of the GDPR apply not only to companies based in the EEA, but also to many providers from third countries such as Switzerland. However, details of this extraterritorial effect have been controversial since the GDPR came into force.
In November 2019, the European Data Protection Board (EDPB) has published definitive guidelines on the territorial scope of the GDPR. These guidelines explain the EDPB’s position in detail and with the help of examples.