Hi there, we are writing our privacy policy notice as a Controller in this case. We are a live chat software company. In this scenario we are writing the policy towards people who would visit our website and include their name/identifiable information in our information field so they can chat with us about our software. That means anyone in any country in the EU using our live chat could hypothetically be a data subject, even though we are an American company.
Assign topic to the user
EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Expert
Andrei Hanganu
May 16, 2018
Answer:
Hypothetically yes, especially if you sell your chat software to EU companies this means you may be targeting data subjects in the Union.
Comment as guest or Sign in
May 16, 2018
May 16, 2018
May 16, 2018