For sure, but the GDPR only applies to interactions with EU residents while they are in the EU.

People on vacation away from the EU or emigrants are not covered.

Why should someone be covered by the jurisdiction of their place of residence when they are elsewhere?

That seems a bit authoritarian to me.

Say you went to a place where child sex traffic was legal, or the laws not enforced. This is illegal in several EU countries and the US, and you can be prosecuted upon return:

https://www.justice.gov/criminal-ceos/extraterritorial-sexua...