I work for a US company and we’ve been developing GDPR products and preparing systems for yonks. It’s not really about if your company is US or UK or non EU. If you want to do ANY business with an EU entity or have any dealings with an EU person your company has to be be able to show GDPR compliancy.