How does the GDPR apply to software that is crawling the web and gathering publicly available email addresses (in order to help others quickly find business emails connected to a domain)? This is public data (not collected from individuals, but found on websites and also found on Whois). But the what that bothers me is that the data has to be cached/stored so that the software can work and that could be problem. I would really appreciate if you could point me in the good direction of my research. So far I found nothing very relevant (except that for example Whois is still in debate with GDPR representatives).
Regarding the processing of publically available personal data you would have to consider the fact that processing needs to be in line with the scope for which that data was made publically available by the data subject.
For example, you could get email addresses from LinkedIn and it would be fine to use those to contact the data subjects for recruitment purposes or to buildup a CV data base using the information fro m LinkedIn if you are a recruiting company.
However, if the email addresses were to be uses for marketing purposes this processing will most likely be unlawful unless you obtain the consent of the data subjects.