News Banner for product updates, new resources & more goes here. Link
Please choose your language:

Visit us in:
Barcelona, Copenhagen, Hamburg, Hong Kong, Kochi, London, Madrid, Milan, Munich, New York, Paris, Vienna, Zurich

Show locations
  • EQS Cockpit
  • Whistleblowing
  • Insider Management
  • Policy manager
  • Investor Targeting
  • Disclosure
  • Webcast
  • Career
Request a demo
Ready to find out how EQS can make your regulatory workflows 10x more efficient? Schedule a zero-pressure demo to see how we can support your organization operationalize compliance, data privacy, sustainability management and investor relations.
  • Meet with an expert who will listen to your specific business needs
  • See our solutions in action, customized for you
We are here for you

Want to know more about our suite of solutions? Wondering if they are right for your specific business needs? Have feedback? Our global sales team is ready to answer all your questions and clear away those niggling doubts.

Looking for your next career opportunity?

Join us and make a difference
We are here for you

Want to know more about our suite of solutions? Wondering if they are right for your specific business needs? Have feedback? Our global sales team is ready to answer all your questions and clear away those niggling doubts.

Looking for your next career opportunity?

Join us and make a difference
Request a demo
Ready to find out how EQS can make your workflows 10x more efficient? Schedule a zero-pressure demo to see how we can support your organization operationalize sustainability management.
  • Meet with an expert who will listen to your specific business needs
  • See our solutions in action, customized for you
Compliance & Ethics
Solutions by objective
Policy & Procedure Management
Disclosure management
Third-party risk management
Anti-bribery & anti-corruption compliance
Whistleblowing & case management
Compliance awareness
Convercent by onetrust Support
Platform
All your compliance needs. One platform.
Whistleblowing
Secure channels. Complete protection.
Policies
Smart governance. Zero confusion
Approvals
Quick decisions. Total clarity
Third Parties
Deep insights. Safer partnerships
AI at EQS
White Paper
White Paper
Case Study
Webinar
Event
Article
Why Whistleblowing Matters
FREE White Paper: Building Systems that Actually Work
Resources by type
Case Studies Webinars White Papers Articles Events Updates Service
Data Privacy
Solutions by objective
Privacy automation
Platform
Protect data. Build trust.
GDPR Compliance
Seamless protection. Peace of mind.
AI Compliance
Ethical innovation. Future-ready.
Privacy Risk Management
One risk view. Zero blind spots.
E-learning
Knowledge that sticks. Teams that deliver.
AI at EQS
White Paper
Case Study
Webinar
Event
Article
Your audit checklist for GDPR compliance
Our data protection experts have created a step-by-step guide to preparing and conducting your GDPR audit, which you can download for free here.
Resources by type
Case Studies Webinars White Papers Articles Events
P
Sustainability Management
Solutions by objective
Sustainability reporting
Platform
All use cases on one platform. The sustainability cockpit.
CSRD
Collect data across your organization. Compliant reporting.
CO2 Footprint
Calculate your CO2 footprint. Reduce emissions.
Double Materiality
Understand relevant sustainability topics. Take action.
VSME
Report and share essential ESG data.
Taxonomy
Measure taxonomy-alignment. Become more sustainable.
CO₂ Targets
Set science-based climate targets. Plan and achieve reductions.
Product Carbon Footprint
Analyze emissions per product. Optimize your portfolio sustainably.
AI at EQS
White Paper
Case Study
Webinar
Event
Article
Navigating sustainability reporting after the EU Omnibus Proposal
The rules are evolving – this guide helps you stay on track.
Resources by type
Case Studies Webinars White Papers Articles Events
Investor Relations
Solutions by objective
Webcasts / AGM / IR Websites & Tools
ESEF / XML filing & LEI
Platform
Smarter IR. Stronger engagement.
Insider Management
Secure control. Total compliance.
Disclosure
Global filing. Zero stress.
Newswire
Maximum reach. Instant impact.
CRM / Mailing
Smart targeting. Deeper connections.
Investor Targeting
Right investors. Real results.
White Paper
Case Study
Webinar
Event
Article
Best Practices for IR Websites
Best Practices and Leveraging Digital Tools
Resources by type
Case Studies Webinars White Papers Articles Events
About us
About our company
Who we are and why you should trust us
About EQS
Why EQS
Careers
Back to overview

Who is concerned by the GDPR: Individuals & Companies

by Ola Mohty - Data Protection Expert – PhD in Law  | Updated: 23.02.2026

Understanding who is concerned by the GDPR is key for individuals and organizations worldwide. This article explains who falls under the regulation and why compliance matters.

GDPR: a regulation with worldwide applicability

Residents of Europe

European citizens benefit from GDPR rights regardless of nationality, ensuring transparency, control, and protection over personal data. The GDPR applies to both the organizations processing data and the individuals whose data is processed.

For EU-based organizations, any processing of personal data falls under GDPR, even if the data is handled outside the European Union—for example, on the servers of a parent company abroad. This includes activities such as employee performance evaluations or marketing campaigns using targeted advertising.

If an organization belongs to a group of companies, GDPR rules adapt accordingly: a Data Protection Officer (DPO) can be appointed for the entire group.

Ensure Compliance across borders

EQS Privacy Cockpit adapts to GDPR and other global privacy regulations, making it easy for organizations worldwide to manage data processing in Europe. Centralize compliance, secure personal data, and stay audit-ready—all from a single platform.

Discover how it works

Companies Worldwide

The GDPR is groundbreaking for its extraterritorial scope. Companies outside the EU targeting European consumers with goods or services must comply with GDPR when processing the data of these consumers. Case law will clarify criteria for targeting EU individuals, considering factors such as language, delivery country, and currency used.

This extraterritorial reach underscores the importance the EU places on personal data protection and prevents foreign companies from circumventing GDPR. To facilitate communication with European data protection authorities, non-EU organizations must designate a representative in the EU.

Who is Concerned

In summary, the GDPR affects:

  • All European citizens whose personal data is processed

  • EU-based organizations ensuring ethical and secure data processing

  • Non-EU organizations offering goods or services to EU residents

Conclusion

The GDPR touches everyone: European citizens, EU organizations, and even foreign companies serving EU residents. Understanding its scope, implementing robust data protection practices, and appointing responsible representatives is key to building trust, demonstrating accountability, and avoiding sanctions.

Ola Mohty
Ola Mohty

Data Protection Expert – PhD in Law

Passionate about privacy and data security, Ola has been helping organizations turn compliance into a true trust-building lever since 2018. Drawing on her deep legal expertise in personal data protection, she combines legal precision with a practical approach to support organizations of all sizes. Her mission: making data protection accessible, strategic, and value-driven.

Contact