GDPR is a sensitive topic, especially for Europeans.
It is bit similar to talking about “NHS sellout to the US” or “chlorinated chickens in Germany”.
And while it has reasonably well understood rules for European companies, in today’s digital cosmopolitan world it’s barely half the picture…
Here is the simplest way to make your website GDPR compliant: the first time a new user logs in make him/her click through a popup informing the user that all the data will be used at your own discretion… Done! You are GDPR compliant!!
And that’s exactly what Nextcloud is talking about when it claims it helps you.
Just edit the first run wizard PHP file to ask the users to give up their rights, in polite form
You can modify it from time to time and make users accept it again
If you are a multinational and your business model is to collect users data and “sell” them, that’s a different game… But those guys have $100M+ legal departments working on just that…