Does GDPR applies just for European people?

Article 3 GDPR ruling the territorial scope and states that GDPR applies if:

• The controller or the processor carries out the data processing within the E.U. (therefore, your Spanish hosting as the data processor will apply GDPR)
• The data processing refers to data subjects within the E.U. where the processing activities relate to the offering of goods and services to data subjects in the E.U. and the monitoring of data subjects behavior as far as it happens within the E.U.
• The data processing is carried outside the E.U. but the E.U. Member State law applies in force of International law (i.e. your company based in LATAM is under some E.U. country legislation)

So, if your company is based outside E.U. and all data processed do not refer to European people, you will not apply GDPR. On the contrary, if your company is based in the E.U. you will need to comply with GDPR even if data processed belong to LATAM individuals.

Here you can find more information:

• Article 3 GDPR: https://advisera.com/eugdpracademy/gdpr/territorial-scope/
• What is the EU GDPR and why is it applicable to the whole world? https://advisera.com/eugdpracademy/knowledgebase/what-is-the-eu-gdpr-and-why-is-it-applicable-to-the-whole-world/
• Is the GDPR applicable to our company? https://advisera.com/eugdpracademy/knowledgebase/who-needs-to-be-gdpr-compliant-an-easy-explanation/
• 9 steps for implementing GDPR https://advisera.com/articles/9-steps-for-implementing-gdpr/
• List of mandatory documents required by EU GDPR https://advisera.com/articles/list-of-mandatory-documents-required-by-eu-gdpr/
• A summary of 10 key GDPR requirements https://advisera.com/eugdpracademy/knowledgebase/a-summary-of-10-key-gdpr-requirements/

You can also consider enrolling in our free EU GDPR Foundations Course

• EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course//