What's your reasoning for this assertion? If the user is a European citizen, I was under the impression that GDPR was applicable. The location at which the user is at does not matter one iota.
US companies need to understand this, or risk losing trading abilities with citizens and organisations in EU member states.
No, Youre wrong, citizenship doesn't matter, the application dependeds on physical location. If youre an American in Europe the GDPR applies to you, if youre a European in America the GDPR does not
