Generally, your device is instructed via a publisher's site/app to reach out to ad tech servers either directly (firstparty), or indirectly (firstparty->thirdparty, firstparty->RTB exchange->thirdparty).

Due to the "chaining", GDPR is particularly onerous on the adtech industry. Granted all the data is keyed by semi-anonymous IDs (cookies, IDFAs, IPs), the concerns for consent, retrievals, deletions, in a cascading manner, are an industry-wide problem requiring collective action. The IAB proposed something for the RTB side, the publishers don't like it, and it'll be tense until and through May 25th :)

Having said that, nobody wants to shut-the-whole-thing-down. While all these servers may refuse service based on fuzzing the request as originating from the EU, they may also decide to serve as-best-as-possible and minimize logging of the sensitive fields - it may be better, for example, to lose some functionality for European devices (behavioural targeting, for example, the idea of showing you an ad for the Widget you just looked at over and over), than to serve nothing at all.