The WordPress core development team is working on making WordPress GDPR compliance.
WordPress GDPR compliance
At the moment there's a beta version available for testing: WordPress 4.9.6 Beta 1.
That Beta release is focused on adding privacy enhancements to the WordPress core.
WordPress 4.9.6 Beta 1 is available here: https://make.wordpress.org/core/2018/05/03/wordpress-4-9-6-beta/
Some new features in WordPress regarding GDPR
- Export Personal Data
Adds the possiblity for users to export their personal data from a WordPress website
- Remove Personal Data
Adds a function for its users to remove their personal data entirely from a WordPress website
- Commenter Opt-in for Cookies
When a visitor leaves a comment on a WordPress website, a cookie will be saved so that the authors name + email + website can be used for the next comment. To comply with the GDPR the next WordPress version will get an Opt-in "Save my name, email and website in this browser for the next time I comment" that is unchecked by default.
More information about the effort to make Wordpress GDPR compliance: https://make.wordpress.org/core/tag/gdpr-compliance/