I no longer use a database to send out newsletters or emails. And I don't share information with anyone else.
I have checked on the GDPR web site, and it says I don’t need to register.
I do keep details of clients, appointments, invoices and so on, for up to seven years - as required by HMRC just in case they need to examine details of income and expenditure.
These details are held on a password protected computer on a secure, in-house, network. Some as documents, some in a calendar app. There is no central repository of all data.
As far as I’m aware, all such personal data is pretty much available on the internet - company phone numbers and email addresses etc. So, if a hacker did manage to access the data somehow, they wouldn’t learn anything of interest.
However, if anyone really wants to know (a) if I hold any data about them and (b) what it is, then please contact me. Because it would take me an hour or two to go through lots of stuff and print it out (if there is anything there) I have to make a charge of £50. But I hope you have better things to do with your time!