You would have to not serve most of the world, GDPR-like laws are being adopted everywhere to facilitate data transfer with the EU. Japan, South Korea, Israel, Australia, New Zealand, Canada, China, India, Brazil and many other countries, and New York and California in the United States all have comparable laws now. It's only a matter of time before everyone will, that's how important the European market is.

What risks do you expect to be imposed on your business?

GDPR is common sense that you should be doing anyway if you respect your customers.

It is like saying, we don't sell our soda in the EU because their health requirements are too strict.

It doesn't inspire trust in the way you make your soda now does it?

>It is like saying, we don't sell our soda in the EU because their health requirements are too strict.

No, it's like European banks saying we don't serve US customers because their financial requirements are too strict.

Oh wait, that actually happens. Let me guess, someone is going to rush in and tell me why that's different (it's not).

There are only so many things a single person can focus on (hint: this is why companies get big). A solo entrepreneur or a small company needs to focus on a small set of things. That may involve only releasing your product in English or only worrying about US regulations by not launching outside the US. It depends on what you're doing.

If you are not in Europe, don't specifically target EU customers, and are small, I would simply ignore the GDPR.

They may be able to ignore the GDPR, but they can't ignore the VAT requirement. The problem is, VAT gives them constructive knowledge about who is in the EU and who isn't.

Yes they can ignore the VAT if they operate outside of the EU. It's up to the importer to pay the tax in that case. National posts and delivery companies have a standardized procedure for it. It's done in the same sweep with duty fees.

And even if the seller is based inside the EU they don't necessarily need to care about VAT - the limit is around 100k EUR yearly revenue (varies by state).

> Yes they can ignore the VAT if they operate outside of the EU. It's up to the importer to pay the tax in that case. National posts and delivery companies have a standardized procedure for it.

Yes, but... there is usually some "processing fee" for the customer when it is done this way, so it depends on what they are selling. For instance, if they are selling $10000 items, then yes, the customer probably won't mind too much a $30 processing fee additional to a VAT of about $2000. However, if they are selling $5 items, the post office will still ask its $30 processing fee, even if the VAT is only $1... And, the customer will scream murder, refuse the parcel, etc.

Yes they do that, but you have an opportunity to "do it yourself" - which amounts to just signing a paper they give you and paying. But perhaps that varies by state too - where I live this postal fee is 5 EUR only and they don't charge it for items under 20 EUR.

I would never advise to dodge taxes but pragmatically it also depends on the volume of rateable sales they do, or expect to do, in the EU. If you don't target EU customers and get one once in a while on small ticket digital items (I suppose for most physical items VAT will be charged to receipient when going through customs), I don't think many people will bother with EU VAT... Same for foreign customers from any countries, really. Let's say you get a customer from Brazil, are you going to check all Brazilian laws and regulations first and register with the Brazilian tax office if legally required? Frankly, probably not.

Personally, foreign regulations are not something I would spend time on until I start getting traction from the relevant country, otherwise it's a real rabbit hole.

How about CA, USA with similar legislation?

Go once through the whole process and put everything on right and then serve EU customers as well.

You can use Paddle as your payment provider and it will handle VAT for you.

For a small business I would imagine GDPR is pretty much just have a straight forward privacy policy that states your intentions with someone's data. If someone requests their data then send it to them, if they want it deleted then do. I think that GDPR likely doesn't come up for the majority of small business besides a data consent pop up on a homepage.

You know the expression to re-arrange deck chairs on the Titanic?

GDPR is common sense "don't screw your customers", so you should probably follow it anyway.

VAT collection is more complicated. Every significant platform should contain support for doing this, though. Are you coding your shop yourself from scratch?

Makes sense to me.

It's no different than not distributing a physical product to Europe.

Or having a website entirely in Japanese.

Or a storefront only business.

And people who want what you are selling have the similar option taking on the risks of acting through an intermediary and accepting responsibility for VAT and GDPR.

If you're lucky enough to survive and even luckier to thrive, you can always expand to serve that market later.

Good luck.

Go all in on GDPR, handling data sovereignty, etc.

Can't worry about it if it's the table stakes of doing business.