> Should be GDPR compliant since they don't use cookies or local storage.
That’s not how it works. If there’s personal data being transferred to the US, you are in violation according to the Schrems II ruling. If you only collect non-PII, you should be fine.
Make sure though that your definition of PII matches the regulator‘s definition.
That’s not how it works. If there’s personal data being transferred to the US, you are in violation according to the Schrems II ruling. If you only collect non-PII, you should be fine. Make sure though that your definition of PII matches the regulator‘s definition.