Key Points

• In this article, the basic concepts determining the territorial scope of the General Data Protection Regulation (GDPR) are analysed in the context of constitutional EU law.
• Proposals made by the European Data Protection Board (EDPB) in the guidelines on Article 3 of the GDPR are critically reviewed in the light of the ‘methodological source code’ of the European unification program enshrined in Treaty provisions stipulating a teleological and system-coherent approach.
• More specifically, when it comes to Article 3(1) of the GDPR, the meaning of words such as ‘controller’ and ‘processor’, ‘establishment of a controller or a processor in the Union’ and processing ‘in the context of’ an establishment, are systematically analysed.
• When it comes to Article 3(2) of the GDPR, in particular the need to construe the spatial and temporal aspects of being ’in the Union’ in a consistent way moves into the limelight.
• As a result of the systematic construction of Article 3 of the GDPR, that departures from the distinction between a factual and formal approach advocated by the EDPB in its ‘data protection law’ specific analysis, it is possible to make more solid policy recommendations.

中文翻译：

---

GDPR 在上下文中的全球适用性

关键点

• 在本文中，在欧盟宪法法律的背景下分析了确定通用数据保护条例 (GDPR) 地域范围的基本概念。
• 欧洲数据保护委员会 (EDPB) 在 GDPR 第 3 条的指导方针中提出的提案根据条约条款中规定的目的论和系统一致方法的欧洲统一计划的“方法源代码”进行了严格审查.
• 更具体地说，当谈到 GDPR 第 3(1) 条时，诸如“控制者”和“处理者”、“在联盟中建立控制者或处理者”和“在以下情况下”处理等词的含义一个机构，进行系统分析。
• 当谈到 GDPR 第 3(2) 条时，特别是需要以一致的方式解释“加入欧盟”的空间和时间方面的需求成为人们关注的焦点。
• 由于 GDPR 第 3 条的系统构建，它背离了 EDPB 在其“数据保护法”具体分析中提倡的事实方法和形式方法之间的区别，因此可以提出更可靠的政策建议。