What European countries are not covered by the GDPR?
The GDPR applies to all countries that are members of the European Union (EU) and businesses that operate in different countries but process the personal data of EU citizens. It also applies to members of the European Economic Area that aren’t in the EU, such as Norway and Liechtenstein.
The countries that are not using the GDPR include:
- Albania
- Belarus
- Bosnia and Herzegovina
- Croatia
- Kosovo
- Moldova
- Montenegro
- North Macedonia
- Russia
- Serbia
- Switzerland (has similar laws to the GDPR)
- Ukraine
Additionally, since the 2020 Brexit transition period, the EU GDPR was replaced in the UK by the UK GDPR. While the essence is the same, EU GDPR and UK GDPR have a few differences, like legal consent age, supervisory authorities, and more.