@girish said in Make Ghost fully GDPR compatible?:
If you want to remove the CDN, we will have to take it up with Ghost to make the assets be self-hostable
I guess that would be the best option.
As @necrevistonnezr mentioned, there are some overly strict rules set in Germany. It's quite complicated to understand what's allowed for whom and how to achieve the level of data protection that's required. Especially if you don't have a background in law or aren't a trained web developer who knows exactly how to tell your server what to store/retrieve and how.
This unsettles ambitious amateurs (like me), so I'd rather be overly cautious than run into an open knife.