GDPR is relevant to all organizations that collect and store personal data on EU individuals such as health data, email addresses, photographs, photos, biometrics, national identity numbers. Any information about an individual that is collected and/or stored in such a way that it can be tied back to that individual will be covered by the GDPR.Download this whitepaper and learn:How the EU will affect you as a non-European company;Insights into what you should do to prepare;”]
Source: https://www.bankinfosecurity.com/whitepapers/gdpr-from-north-american-perspective-w-4161