Hi,
While your question is simple, the implications behind it makes it difficult for me to answer you.
If you just have Joomla installed on your website, maybe just a module to validate the use of cookies should be enough. For example:
extensions.joomla.org/extension/site-man...ticky-cookie-notice/
Joomla also has options by default to do most of the rest you might want to do on your website regarding the GDPR:
docs.joomla.org/J3.x:Privacy
For example, HikaShop integrates with the content privacy and the system privacy plugins automatically if you configure them.
This can be enough in many cases, provided that you respect the different rules. For example, a website needs to have a privacy policy page, like we have on our website. You need to set that up manually yourself. But there are extensions which can do that too.
For example, this one, which is the most used, can do this and many more things:
extensions.joomla.org/extension/site-man...cookie-control/gdpr/
Do you need it ? I don't know. It depends on many things relative to your website.
The best would be to first properly understand what you need to do to comply with the rules by reading about this online and seeing what rules apply to your situation. Based on this, you can make a more informed decision. And there are also professionals in that field if you need someone to study your situation for you to tell you what you should do (you can search for "GDPR compliance service" on Google to find some).