I have posted a suggestion for development of Zenfolio to comply with the requirements of the EU's GDPR to the user voice forum today. Based on my reading, this regulation will have a significant effect on anybody located in the EU who wishes to send marketing communications to customers. Not complying with the consent for marketing rules could lead to Zenfolio users breaking the law. I don't think Zenfolio as configured at the moment will facilitate compliance. I wonder if anybody located in the UK or European Union, or selling into the EU has looked into the requirements of this regulation, and what conclusions you have reached about complying with it.