We are a US based very small company (4-5 employees) and provide software for collecting data related to plant performance to plants based in US and EU both.
Now the only personal data we have in our cloud (365 office and outlook) are email id's and names of the employees of EU based plant workers. In some cases we have access to their offical phone numbers.
So yes we have what can categorize as personal data. But due to the limited customer information that we have would GDPR still apply to us ? and in this case would be act as a processor or controller of PI ?