It's chewed up a few weeks of active development time putting in features for purging and exporting anything that looks like it might be personal information, plus a considerable magnitude more hemming and hawing and trying to figure out if, how and to what extent the regulations apply to us, and how the customers that we sell our products interpret the regulations and what features they require for their interpretation of compliance. It's a big headache, especially where we are also dealing in industries that have conflicting data retention requirements.
If we didn't have EU-based customers with sufficient sales to justify the effort, there are a thousand and one other things that we could have better spent that time and energy on.
I care about privacy. Perhaps Mattheij does as well, and that's why this is important to him. If you agree with the spirit of the legislation, then I think you should also consider this a great opportunity to do the right thing, instead of a hassle.