I'm looking for a link that would confirm if we need to comply with GDPR or not. We're strictly a US-based business with no presence, customers, propects, or marketing in the EU.
The gray area is that occassionally someone from outside the US will find our website and fill out a contact form to get one of our ebooks. When that happens, we just delete the record.
A few people in the company are claiming we can be fined by the EU anyway. I'm looking for a reliable source that can tell me one way or the other. Thanks!