That's fair. Although a lot of data can become personal data if you're not careful.
> it's about sending the data to the US (or most non-EU countries)
Disagree, the United States is in a worse condition that most other countries. Even in countries without an adequacy decision, you can usually satisfy GDPR by incorporating SCCs into your contract. A US company cannot comply with GDPR because they are beholden to US laws which require them to violate the terms of any contracts they sign protecting the data privacy of their users (according to the CJEU).
> It's very easy to be able to send the data and be compliant
Probably depends on your context. Something like, say, sending a pile of data over to GCP to train an ML model on? Probably easy to comply. Front-end dev work? Anything that makes the user's device connect to a Google URL is forbidden, since that's sending personal data (IP Address). The higher-level your framework, the more care it takes to avoid some dependency doing this behind your back.
That's fair. Although a lot of data can become personal data if you're not careful.
> it's about sending the data to the US (or most non-EU countries)
Disagree, the United States is in a worse condition that most other countries. Even in countries without an adequacy decision, you can usually satisfy GDPR by incorporating SCCs into your contract. A US company cannot comply with GDPR because they are beholden to US laws which require them to violate the terms of any contracts they sign protecting the data privacy of their users (according to the CJEU).
> It's very easy to be able to send the data and be compliant
Probably depends on your context. Something like, say, sending a pile of data over to GCP to train an ML model on? Probably easy to comply. Front-end dev work? Anything that makes the user's device connect to a Google URL is forbidden, since that's sending personal data (IP Address). The higher-level your framework, the more care it takes to avoid some dependency doing this behind your back.