The GDPR is just around the corner and will be effective in less than three months – on 25 May 2018. Organizations are therefore in the midst of preparations to comply with the new Regulation in order to avoid the potentially high fines. Non-EU organizations have to assess whether the GDPR is applicable to them and whether they must prepare accordingly. The answer to this question is provided in Article 3 GDPR, which regulates the territorial scope of the Regulation.
Sven Schonhofen and Friederike Detmering recently published an article on the “Territorial applicability of the GDPR” in the Business Law Magazine, which is available here.
This article explains the establishment rule and the market rule provided in Article 3 GDPR and gives practical advice on how to avoid GDPR applicability.