In short GDPR applies to any organisation which processes and holds personal data of anyone that resides in the EU. All these organisations must comply with GDPR, regardless of whether or not they reside in the EU themselves. 

Did this answer your question?