Do you have a store where other people can register accounts? Or do you initiate your invoice process and just keep it online for convenience?
Do you offer an online support channel? E.g. a contact form?
Are you the only user with any sort of back-end access?
Not legal advice, etc. etc. Want to figure out what the perception is about this legislation:
Do you believe that GDPR prohibits you from logging system changes (e.g. changes to plugins), core version updates, creation of new users, changes to user profiles, etc?
(And who initiated them from where, of course?)
Do you believe that you are not allowed to log any attempt at access of a prohibited / restricted page (clearly marked as such)?
Do you think you are allowed to log malicious login attempts, including by bots?
Do you think it is possible for a site with multiple admins to be GDPR compliant without logging?
Tagging @timkaye too if he has an opinion.