My company provides support for an customer's ERP system in Europe. The system is hosted through us on the Amazon Web Services (AWS) cloud. AWS is fully GDPR compliant. We do not process any customer data directly - we only provide application support services and all with written confirmation from customer. Further, we have internal policies in place that control all access to view any customer data and tracking to ensure no one can do anything with it. I am looking into what we would need to do to be more compliant.
Your question is much too broad to be able to provide you with a spot on answer. What I can suggest is setting up a process for detecting and reporting data breaches to the data controllers, training your staff on how to manage personal data in a responsible manner, regulating any international data transfers if any, making sure you can respond to requests form data controllers asking you to delete, modify or transfer personal data. To find out more about the EU GDPR, check out our free EU GDPR Foundations Course(https://training.advisera.com/se/eu-gdpr-foundations-course//).