General Data Protection Regulation (GDPR)
is already in effect for anyone who has European Union subscribers or handles EU-persons’ personal data
Do you control or process personal data of an EU citizen?
Then it DOES NOT MATTER where your company is physically located.
You MUST comply.