When a processing of personal data has a connection to more than one member state of the EU it is called cross-border processing.
The meaning of cross-border processing is defined in the GDPR as either:
- processing of personal data which takes place in the context of the activities of establishments in more than one Member State of a controller or processor in the Union where the controller or processor is established in more than one Member State;
- or processing of personal data which takes place in the context of the activities of a single establishment of a controller or processor in the Union but which substantially affects or is likely to substantially affect data subjects in more than one Member State.