Guest user Created: Nov 07, 2017 Last commented: Nov 07, 2017

Compliance of U.S. company dealing with B2B customers

We are a US-based company and we sell our services to EU companies. As part of those transactions, we collect first name, last name, email address, and phone numbers of representatives of those companies, and presumably most of these persons are EU citizens. Do we need to be compliant with the GDPR?

0 0

Assign topic to the user

Select user

Expert

Dejan Kosutic Nov 07, 2017

Answer: In order to provide a precise answer we would need some more information on the type of transactions and services provided by the US based company as well as the purpose of collection of the personal data.

If these information are lacking my first choice would be to consider that the US based company is acting as a processor and since they are dealing with a EU based controller there is high chance that GDPR would be applicable for the processing activities involving EU citizens personal data.

See also this article: EU GDPR controller vs. processor – What are the differences? https://advisera.com/eugdpracademy/knowledgebase/eu-gdpr-controller-vs-processor-what-are-the-differences/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Nov 07, 2017

Expert Advice Community