Well .. I think, we are ready for the GDPR they will becomes active on Mai 26.
Up from this date, any exist user must accept the GDPR agreement on the first login.
Also on signup the GDPR agreement must accepted.
Any time, we change the Agreement, the users then must newly accept the GDPR agreement.
If a user not willing to accept the GDPR, he can go to his profile and can request a account removing.
All other request are still ignored execpt the users Profile.