Menu

Examples of businesses affected

Examples of types of business to which the GDPR may apply immediately can be split into four broad categories:

1. Controllers that provide goods or services directly to EU residents or monitor the behaviour of EU residents.

 For example:

 

2. Processors that receive, and process, personal data relating to EU residents on behalf of businesses located anywhere in the world.

For example:

 

3. Controllers that transfer personal data relating to EU residents to other controllers inside the EU.

For example:

 

4. Controllers who receive inward transfers of personal data from controllers in EU member states.

For example: