By now you may have heard of the new European Union GDPR / Data Protection laws which have recently gone into effect.
These are new laws regarding data privacy that effect any organization or entity that affiliates with any EU citizen. Although your organization may not be located located in EU, their regulation can effect any company/organization with users (clients, site visitors, etc) that are EU citizens even if they are currently located in the USA.
The GDPR guidelines are pretty complex, requiring your company to have systems in place regarding data storage that complies to the GDPR, but it also effects your website.
The first thing we would suggest for you, is that you make sure is that you have a privacy policy on your website that is compliant with the GDPR. There are some online wizards that help generate privacy policies that are compliant with the new GDPR.
We’ve found this one to be helpful: https://termsfeed.com/wizard/privacy-policy.