Do I Need to be GDPR Compliant?

Simply put, yes. While the laws governing GDPR are based in the EU, if your website has visitors from the EU, and you collect personal data of any kind, your company falls under the jurisdiction of the GDPR; this is especially true for eCommerce sites. Failure to comply can lead to fines of tens of millions of dollars.

An advantage of being GDPR compliant is you can feel comfortable knowing your privacy policy will also be compliant with other privacy policies (notably in California, Canada, and Australia).