Need for GHL to be fully GDPR compliant for European agencies & clients
complete
Ian Tritschler
GDPR compliance has been raised many times by GHL members, but I can't see an idea relating to it here. Issue: Companies managing data for European clients must provide a data processing agreement and process to demonstrate to clients how they plan to handle personal data and breaches in a way that is in line with GDPR. As far as I am aware, GHL does not have this. The impact is that all European agencies using GHL are operating outside of EU law, according to my understanding. Could we have a timeline on when this will be implemented, please?
HIGHLVL-I-2209
RevEx Group
complete
Hello customers!
For GDPR compliance, please head over to https://app.gohighlevel.com/gdpr [you need to be logged in as an agency admin]
Cheers!
David Ronka
As I understand GDPR, it applies to everyone who has clients or virtual visitors from the EU. That means a US-based company/website still has to comply with GDPR if people from the EU visit their website and/or buy their services/products. I could be wrong on this, but either way, I'm all for this feature!
Daniel Datsenko
We need this!!
Michel Smits
We need this
undefined undefined
I am all for this.
Patrick Kenney
Marla, here is the statute.
Does the GDPR apply to EU citizens living or visiting the US?
No. The GDPR specifically refers to “data subjects who are in the Union.” If an EU citizen is living or visiting in the US, the GDPR does not apply. This is an important distinction to be considered if all or nearly all of a company’s business takes place in brick-and-mortar locations on US soil.
Territorial citation: https://gdpr-info.eu/art-3-gdpr/
Marla Harmon
One of the most common misunderstandings is that it's just for companies with clients in the EU. Every US-based company needs to understand and fully comply. Here's why: A person from the EU comes to the US on a trip and searches online for a dentist or a gym. Not only the website owner but also the data processor is liable for compliance. There are very strict tracking and processing requirements, as well as opt-in and opt-out requirements. It doesn't matter if you intended to target the person who's researching from the EU about life in the US. They don't have to be in the US ever. If they visit your website, you can be held liable. You can't track it by IP address either because of VPNs.