The minute you have user accounts, you have to export everything associated with EU residents that invoke data export rights. Every table with a user foreign key.
This is a big scope.
Every upvote. Every comment. Every file upload. Even on your innocuous personal blog. Not sure if it's in scope? Hire a lawyer.
Any product imaginable quickly becomes a big GDPR data export problem and legal headache.
If you're a small company, then you probably only have one database with a few tables in it. If that's the case, it really shouldn't be a huge burden to be able to run a few queries to export that data. And if it is, then you probably have other scaling problems that are an existential threat to your business.
As an example: assuming a standard RDBMS setup with a primary and replicas, I would expect that bulk operations would be done on particular replicas dedicated for that purpose. That way you aren't interfering with writes, or with the "normal" reads that come with regular website use.
The minute you have user accounts, you have to export everything associated with EU residents that invoke data export rights. Every table with a user foreign key.
This is a big scope.
Every upvote. Every comment. Every file upload. Even on your innocuous personal blog. Not sure if it's in scope? Hire a lawyer.
Any product imaginable quickly becomes a big GDPR data export problem and legal headache.
This is clearly a burden to small teams.