However, I get the impression that PDX is very reluctant to make the change, that it doesn't manage to see GDPR as an opportunity, and that, on top of that, numerous changes are (seemingly) unnecessarily made against the interests of customers.
Formulations like that data is deleted GDPR-compatible, unless you have a game of PDX (which is always true, otherwise you wouldn't have produced data first), or now that a login (with data transfer) is necessary to access old versions seems cynical. I'm also worried about how much IPs seem to be stored.