Comment by brauhaus
7 hours ago
Only if the company is headquartered in EU/UK, right? Proton, for example, is headquartered in Switzerland. Even if it wanted, there would be no legal entity in EU to be fined.
7 hours ago
Only if the company is headquartered in EU/UK, right? Proton, for example, is headquartered in Switzerland. Even if it wanted, there would be no legal entity in EU to be fined.
My understanding is that a company's location is largely irrelevant; a company becomes subject to the GDPR when they handle EU citizens' data (or UK GDPR when it's UK citizens), and the EU/UK will still try to fine companies that aren't resident in the EU/UK - enforceability is a different question, although non-payment of fines opens the door to other remedies e.g. blocking access, seizing assets, etc.