Yes, any business that collects or processes data from EU citizens is subject to GDPR, even if it's outside the EU. Of course, if you only deal with Indian customers, then you don't have to bother. But any company with a global presence should take urgent steps to become compliant. The process can be quite costly, with all the legal and consulting fees on top of changes to the systems, but it can benefit companies by making their services more trustworthy for their users. In fact, data protection is a theme that's being discussed for quite a while in many countries, so we can expect to see further changes in legislation following GDPR. So even if your company isn't operating globally, it's worth investing in data protection strategies and solutions.