TransWikia.com

Is a cookie notice required on a personal web site that uses cookies?

Webmasters Asked on January 10, 2021

I want to know if I need a cookie notice on my personal, non-commercial, USA-based website. My site requires people to register if they want to see all of the site’s content. I use cookies so that returning users don’t need to log in each time they visit. The info they are required to submit when they register is name, email address, city and country. More than half of my users are in Europe (although not necessarily in the EU).

By “non-commercial” I mean (1) the site is completely free to visitors, (2) there are no ads, and (3) I receive no revenue whatsoever.

I did read the GDPR a few years ago (before cookie notices were a thing) and it is very clear that it does not pertain to personal sites. But I know nothing about cookie notices, not even by whom they are mandated.

One Answer

Indeed, the information out there is disparate and often confusing. According to the folks in this Quora thread, GDPR applies to you as well. On the other hand, this article would suggest you can ignore it right now.

CCPA applies only to businesses, for now anyway, as this article argues, so you should be okay there.

Now here's my take, working in ad tech and having to deal with these concerns regularly. If you store any personal information, you should have some sort of cookie policy or disclaimer. Even if your cookies are only first-party cookies, not third-party cookies, but you are still storing PII (personally identifiable info - which can mean anything from email address to IP address), you should disclose what you collect and for which purpose. If it's only for login and web analytics, disclose that. If you do not use the info to retarget or sell or advertise, also disclose that.

Between the ever-changing compliance landscape of GDPR, CCPA, and whatever may come next (V2 of GDPR, V2 of CCPA, other US state laws, US federal laws), you want to make sure that you are covered. Right now, governments are dealing with other problems, but it's only a matter of time until they turn their attention back to online privacy.

If your website and user base are small, you may be able to get away with not posting anything, but all it takes is one complaint and you may find yourself with more work than if you had originally posted the darn thing. All in all, it's better to be overdressed than underdressed here. Someone on a call with IAB mentioned that if you comply with the most strict version of best practices, you will almost certainly be covered.

Another good article here, including ideas for implementing notices. Keep in mind that your notice does not have to be loud or intrusive. You can execute it minimally and gracefully, as long as it's visible. Most, if not all, of your users will either ignore it or click "okay" anyway.

Correct answer by Henry Visotski on January 10, 2021
