Your site is properly configured with its certificate and chain. The feedback you are getting is likely from environments that have devices that are not getting Certificate Authority trust store updates either because they're too old or they've been disabled in some way by the administrator of that environment. Specifically, the devices having problems are most likely missing Let's Encrypt's root certificate, ISRG Root X1, in their trust stores.
A very old root certificate, DST Root CA X3, that many of these old devices were dependent on recently expired which is when this problem probably started. The devices in these environments are also likely having the same problem with many other sites on the Internet because Let's Encrypt is the largest certificate authority in the world. Since you don't control their environment, there's nothing you personally can do to help them other than relay this information and perhaps point them here for additional help.
Here's a post on the main Let's Encrypt site with more info.
I should probably add that the one thing you can do on your end is try switching to a different Certificate Authority such ZeroSSL which also supports ACME like Let's Encrypt. They use a different trust chain that may still be supported by these older devices.
It's worth pushing this back to the users to get them to tell their IT dept instead. If their desktop computers are being used to access the internet then they need to be up to date, or they need to disconnect them from the network.