I’m not sure if I’m bound by the EU’s General Data Protection Regulation (GDPR). Probably not, because I’m not a business but a private person and this is my personal blog. I don’t sell anything, I don’t have a mailing list or newsletter, I don’t run any ads, I have no social-media share buttons.
If you comment on or subscribe to any post, I have your IP address, your browser user agent string and the (nick)name and e-mail address you provide. I will erase that if you ask, but I’m not at all sure that I know how to send you an exported file of the data (but I can probably find out).
I don’t intentionally share personal information with any third party. Our hosting provider collects information to run analytics, which I have no power over. I use Akismet to fight spam, which also keeps some personal data.
I don’t think I’m obliged to provide a street address or phone number here (not being a business), but if you need it you can ask for it by personal email, via the contact form, in a post comment, or on Mastodon or Twitter. (Note that if I don’t know you and/or don’t see the need for you to have that information, I may say no.)