This is exactly what stops me from hosting websites. I simply have given up trying to keep up with the rules. It is a massive burden if you are not a corporation trying to extract information and just want to host a simple blog from a german server. At some point, private persons and maybe small businesses won't be able to keep up and the web becomes even more centralized.
It is possible to host a blog wihout third party services.
Maybe small businesses should focus on minimal websites and build from that.
As you grow, you can more easily affort the costs for lawyers to check if the features you want to build are GDPR compliant.
It always puzzles me how people making six figures a year for translating real-life requirements to technical ones suddenly throw a tantrum when said requirements involve law.
Disagree. The key information is no longer than an average privacy policy (and frankly, less complex) and whereas there are millions of privacy policies (which no one ever reads), there is only one GDPR. Give it one hour of close reading and you'll see just how important and useful it is. It's worth the effort because you only need to do it once.
