ODO24 Logo
ODO24 Logo
ODO24 Logo
GDPR questions and answers

GDPR: QUESTIONS AND ANSWERS

Category:
Data Processing

Does the GDPR apply to a processor processing personal data on behalf of a controller outside the EEA?

ANSWER

If the data controller is an entity from outside the EEA, it is first necessary to check which legal rules apply in the controller's territory. Processing of personal data (if not carried out under the GDPR) will take place on the basis of the data protection legislation applicable in the country where that controller is established.

Processing on behalf of the controller should therefore be aligned not with the GDPR but with the rules of the country in which the controller is established. Chapter V of the GDPR, i.e. Articles 44–50, applies where a controller or processor transfers data to a third country, but those entities are subject to the General Data Protection Regulation. Under Article 2(2)(a) GDPR, the Regulation does not apply to processing of personal data in the course of an activity not subject to Union law.

Show all
PreviousNext

Read also:

07 June 2026

TikTok a RODO w sektorze publicznym – czego urzędy mogą dowiedzieć się z niemieckich zaleceń dla instytucji

29 May 2026

Kontrola służbowej poczty e-mail pracownika a tajemnica przedsiębiorstwa - kiedy pracodawca może legalnie przejrzeć skrzynkę?

14 May 2026

Czy pracodawca może opublikować zdjęcie pracownika? Wykorzystanie wizerunku pracownika na gruncie RODO i prawa autorskiego

Szkolenia

RODO od podstaw (8h) online

Receive a free package of 4 tutorials and 4 e-learning trainings
The controller of your data is ODO 24 sp. z o. o.
Processor for a non-EEA controller — does the GDPR apply? | ODO 24 | ODO 24