In comparison with healthcare information systems the GDPR is really not that hard to follow. You can get guides for business owners which can be read and understood in under an hour.

If you design your system according to the guidelines you usually end up with a product where it's easier to service your customer (eg. with full account exports). Deleting inactive accounts is great because it means less migration headaches in the future.

This is also why our privacy statement starts with "We […] don’t really want your personal data."

Can you point to any of these guides?