I can speak for Spain, Portugal and France. The thing here is that in these 3 countries we had privacy and ecommerce laws that predate all this GDPR nonsense and everyone abids by those laws and ignores the nonsense.
Also, there's no culture of all the competition-suing stuff I've read in this thread. While it happens, specially between big businesses, it's not common and in general small shops are left alone to do their thing. They'll have time to care about legalities when they actually grow and make money. Personal data privacy is the only thing taken seriously and it also predates the GDPR; in general you only need to declare a "file" owned by your company stating which personal data you gather to the respective Data Protection Agency, which is free.
On the delivery time issue, it's always been enough to have a "Delivery in 24-48h" or "Delivery in at most 72h" in your shop's footer or somewhere else, for example in a specific "Selling conditions" page.
And about the cookies, I never put the dreaded "I accept cookies" popup unless requested by the client (I always ask them if they want to). In my (non-lawyer, although corroborated by some field experts I've met over the years) opinion, it is not required if you explain your cookies usage in your privacy policy or in a specific cookies page, and make the user accept your policy if they actually create an user account. In Spain an IP address is not considered personal information and, even if it was, it would still be lawful to gather it stating "functional or security" reasons, like for example avoiding DDoS attacks or having server logs. Not only that, but in websites allowing user comments (or other content, like images), it is mandatory to store an IP address in case something unlawful is sent, so it can be prosecuted.
My 2 cents.