Although the General Data Protection Regulation (GDPR) went into effect May 25, 2018, companies still are wondering if a US company that is not subject to the GDPR acquires a European company that is subject to the GDPR, does the acquisition infect the data of the US company? The short answer, according to Bryan Cave Leighton Paisner LLP, is not necessarily. In order for the application of the GDPR to be more likely, he said there would need to be a change in the behavior and processing of the United States parent in addition to the acquisition. There are a few cases in which post-closing, a United States parents data would be more likely to be considered within the scope of the GDPR, however.
