That was just an example. Same goes for encryption. What I am saying is that the storage must meet the GDPR requirements if the service provider wants to use it in a GDPR compliant way.
And there are other use cases. We had the user from France who had even tougher restrictions on data processing and placement. But your information was very interesting and indeed it seems that if you use state of the art encryption and can make sure that nobody else has the encryption keys you can store and even process data (unless clear data is required for processing) anywhere even outside the EU without violating the GDPR.
At least I have found some source that claims so:
https://edpb.europa.eu/system/files/2021-06/edpb_recommendations_202001vo.2.0_supplementarymeasurestransferstools_en.pdf#page=32
https://edpb.europa.eu/system/files/2021-06/edpb_recommendations_202001vo.2.0_supplementarymeasurestransferstools_en.pdf#page=34
Using the Storj gateway with server side encryption might be a problem though. But for the native tools it should be fine. Very interesting!
Edit: I have just noted that on the bottom of page 33 the paper from the European Data Protection Board even mentions the case
Use Case 5: Split or multi-party processing
as
the EDPB considers that the split processing performed provides an effective supplementary measure.
Wow. The way I understand it this looks great for Storj.