What personal data is collected and who can read/edit it?

Some plugin & theme-component that maybe of interest.

Personal Messages

  • Are not a 100% private Admin can view, Moderators can view PM with a site setting change.

Discourse has a plugin that enables peer 2 peer encryption. - If going with a paid hosting look to see if plugin is included. Self-Hosted cinsider installing:

theme-component to Consider

The cookie consent Banner might not be enough for GDPR. You would need to check with local laws. @Jagster might have sine info on this and/or suggestions for theme-component & plugin to consider.