When you start creating your Privacy Policy, the first set of questions will be used to determine what privacy laws apply to you, and thus what disclosures your Privacy Policy needs to contain. The question of "do you monitor the behavior of residents of the European Union" will determine whether you need to comply with the European Union's privacy law, the General Data Protection Regulation (GDPR). If you answer "yes" to this question, you will need to comply with GDPR and will be asked additional questions for the disclosures required by this law.
GDPR will apply to you if you are monitoring the behavior of EU residents insofar as that behavior takes place in the European Union, regardless of where you are actually located. According to GDPR Recital 24, to determine whether you are engaged in such monitoring, it should be ascertained whether EU residents are tracked over the Internet.
The following is a list of examples that would qualify as "monitoring":
- Behavioral advertisements;
- Geo-localization activities;
- Online tracking through the use of cookies, pixels, or other techniques such as fingerprinting;
- Personalized diet and health analytics services online;
- CCTV;
- Market surveys and other behavioral studies based on individual profiles; and
- Monitoring or regular reporting on an individual's health status.
You should select "yes" to this question if you perform any of the above or monitor the behavior of EU residents through any other means. For more information, please read our article on who GDPR applies to.