Your site needs an SSL certificate if only because search engines will penalise you if you don’t have one. Lots of other good reasons.
https://www.cloudflare.com/en-gb/learning/ssl/what-is-an-ssl-certificate/

Not all SSL certificates are created equal. Let’s Encrypt is free and is probably what you have. You can pay a lot for an industrial strength certificate but most will not unless they are a large organisation, take payments on their own website (not embedded solutions) or have very sensitive data.

Check your certificate here
https://www.ssllabs.com/ssltest/analyze.html

Hopefully you get an A rating.

Having a padlock means the interaction between you on your browser and the website you are using is encrypted, a very good thing. It does not mean that the website itself is to be trusted and is not the same as green bar padlock status. This explains it very well.
https://www.catalyst2.com/blog/good-bad-lets-encrypt/