(23) In order to ensure that individuals are not deprived of the protection afforded to them under this Regulation, the processing of personal data of data subjects located in the Union by a controller or processor that does not have an organizational unit in the Union should be subject to this Regulation if the processing activities involve offering goods or services to such persons, regardless of whether this entails payment. In order to determine whether a controller or processor is offering goods or services located in the Union to data subjects, it should be established whether it is clear that the controller or processor plans to offer services to data subjects in one or more Member States of the Union. While the mere availability in the Union of a controller's, processor's, intermediary's website, email address or other contact information, or the use of a language commonly used in the third country in which the controller has an organizational unit, factors such as the use of a language or currency commonly used in at least one member state and the ability to order goods and services in that language, or mention of customers or users located in the Union, may be sufficient to establish such an intention.