The Nightmare Letter: A Subject Access Request Under GDPR

[lagadu]

That's not enough: as long as you're storing an EU citizen's data you're liable to GDPR, it's not something you can disclaim your way out of.

That said, if you have no effective presence or business within the EEA then you're out of its reach.