Brussels, 26th November 2018: In draft Guideline 3/2018 on the scope of application of the GDPR, the European Data Protection Committee specifies that the DSGVO covers those who offer goods and services to individuals. This means that the provision of goods and services to companies, i.e. B2B, is clearly not covered.
Guidelines 3/2018 on the territorial scope of the GDPR
For a long time it was not clear how far the geographical scope of the DSGVO extends. Art. 3 DSGVO seemed to be in need of concretization.
The European Data Protection Authority (EDPB) therefore decided to issue a new draft for a guideline on the geographical scope of application. It is intended to ensure a uniform interpretation of the territorial scope of application of the EU DSGVO.
Until now, Art. 3 para. 2 lit. a) in particular left open the scope of interpretation that the DSGVO is not applicable to companies not established in the EU if they do not serve end customers (no B2C). The European Data Committee has now clearly specified this in its guideline.