Complying with GDPR in the digital world. There are very few exceptions to compliance. If you have a website that is accessible to EU Countries, then it is very highly probable you are processing personal identifiable information. Identifying information relating to a person could be an I.P. Address, Name, Photo etc. Cookies are also covered by GDPR and consent to placing cookies on a users device should be obtained.
Explicit consent is required to fully comply with the processing of personal information, along with process's to minimise the data required, processing, security and to have available upon request of a user a copy of the information you hold upon. A person also has the right to be forgotten. In other words any information you hold on them is to be permanently deleted. Additionally, you cannot charge a person for requesting information held upon them and for the request to be deleted / forgotten.
What was done on this website to make it compliant with GDPR?
Well firstly, As far as cookies were concerned, they were identified and listed. A privacy page was amended to include a plain english summary of how this website holds a visitors information and what information it holds.
Third party cookies.
The majority of websites use Google analytics, and why not? It is afterall a powerful and useful tool to measure performance of your website. However this method also places cookies on a users devices.
This is NOT legal advice, for legal advice you should contact your legal councel