IANAL but I have worked on GDPR compliance and I’m not sure how that will fly if they are phoning home. Of course the EU regulators probably won’t have bandwidth to chase these minnows but worth reporting in any case.
I think in OP case the app is not phoning home. The data are still in his pc, but he would like to export it in another format. I don't think GDPR applies here, but I am not an expert.
It's a little tricky to infer the specifics, but adware that collects personal data would be non-sensical if it doesn't phone home. In fact the whole idea of "collecting data" implies it is being sent to storage under control of the collecting entity. I think this is pretty clear cut under GDPR and there's no bypassing it based on the technicality of web app vs native app—I believe regulators learned their lesson about tight coupling to specific technical implementions with the earlier cookie laws.
On the other hand, you could be write that OP is just talking about data portability in which case there is "data collection", just lack of an export feature.
