All tech companies need to provide new features / policies / people to address these topics as long as they operate in the EU, regardless of company's origin country:
1. Breach Notification 2. Right to Access 3. Right to be Forgotten 4. Data Portability 5. Privacy by Design
Some references:
https://en.wikipedia.org/wiki/General_Data_Protection_Regulation https://www.eugdpr.org/key-changes.html https://www.codeinwp.com/blog/complete-wordpress-gdpr-guide/