GDPR set the terms of the debate as model regulation, and is inspiring similar legislation elsewhere. California's CCPA is largely similar to GDPR. Tech companies are lobbying in committee to neuter it, but it's not a foregone conclusion. Thus as a startup you should incorporate it in your architecture and roadmap, even if you do not execute on it right away.

Also your US clients may be subject to GDPR and pass it on to you transitively as they are required to do for subcontractors or IT services vendors.