Hosting Sites Outside European Union

The law is designed to protect the privacy of individuals within the EU.  In theory, this means that any website that serves EU citizens, has to comply with respect to those citizens, regardless of who owns the website or if a site is hosted outside the European Union (EU) borders. American sites will still have an obligation to comply with the EU Cookie Directive.

We’re outside of the EU, are we affected?
In practice, as enforcement is on a country by country basis, any company which has no legal EU presence, is  going to be very hard to pursue a case against. This  is  one  reason  that  a  lot  of  commentators  have  suggested  it  hands  advantages  to  non-EU  businesses.   A website owned by a  US company can avoid the law and still serve  content  to the EU, whilst  gathering better information about visitors and enabling them to avoid compliance notices.