The owner of the forum received the "Nightmare letter" [1] which he is legally obligated to respond to, which as an open source project does not have the resources to be able to respond to them.
Open source is totally unrelated to the matter at hands here. Any small operator is having limited resources and GDPR has been thought to allow everyone to answer requests.
It gave 2 year to get conformity to something which has been effective since 1995 through a European directive. The forum owner decided to ignore this a do nothing, now he's confronted with the consequences of his choices.
But again his reaction is akin to a knee jerk reaction as he is probably in capacity to answer the request while outsourcing to a third party does remove his responsibility and obligation to answer GDPR requests just now it's gonna get a bit more complicated as he has a third party into the loop which is probably not complying either.
Show me the letter you received and we'll work from this.
You might want to get in touch with fluxBB dev to get a GDPR button extracting the relevant data from the database to avoid the pain of building the db query by hand.
