Comment by denton-scratch

Don't know why you got downvoted.

As a former GDPR compliance officer for a company managing about 40 customer websites, I can confirm that GDPR compliance is not burdensome or costly, unless you are intent on violating the GDPR. You appoint someone on your tech staff as compliance officer, and as an organisation you make sure that complaints are handled.

Handling complaints is something any business should be able to do, GDPR or not; a business that can't handle complaints isn't a viable business.