You can implement GDPR rules by yourself. Start by preparing a project plan for the GDPR implementation and conduct a readiness assessment to verify what you need. Then adopt policies and top-level documentation, prepare the Inventory of processing activities, and define how to process personal data. You need to prepare information for data subjects (employees, customers, and suppliers), so implement the appropriate privacy notice for your website or contracts and verify whether you need consent as a legal basis.
You should also implement a policy on how to manage data subject rights and increase your employees' awareness of data protection and data subject rights. You should check whether there is any transfer of data outside the EU and whether it is covered by the appropriate legal basis. Then verify security measures and implement a policy for handling a data breach.
Here you can find more information on how to implement EU GDPR: