zlacker

1. phelev+(OP) 2018-05-18 23:31:25
I would argue there are several sections in the GDPR that appear to allow for a 3rd party to request data on behalf of the data subject. For example:

A20(2): In exercising his or her right to data portability pursuant to paragraph 1, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.

A12(3): ... Where the data subject makes the request by electronic form means, the information shall be provided by electronic means where possible, unless otherwise requested by the data subject.

Even in the case it didn't work out to directly query, as another has suggested, just making it easy to fill out as many forms as possible in an automated fashion has value. Use their email to send from.

Also, how does the data subject or gdpr.me know that your company hasn't hoovered up some PII of the data subject?

I've read it several times and unless more clarity comes down on questions like this I'm quite afraid of abuse. I've read 8% of UK citizens intend to (ab)use GDPR for spiteful reasons.

EDIT:

Ok - I believe this absolutely supports my point, straight from the horse's mouth... This is from WP29-2017-4-data-portability-guidance:

"Data subjects should be enabled to make use of a personal data store, personal information management system (PIMS) or other kinds of trusted third-parties, to hold and store the personal data and grant permission to data controllers to access and process the personal data as required."

This is immediately after saying businesses should create APIs to allow data portability and GDPR requests.

replies(1): >>jacque+e3
2. jacque+e3 2018-05-19 00:29:24
>>phelev+(OP)
I don't buy that that allows you to send random requests to parties that you have no way of knowing the requester has a relationship with. That is an unreasonable burden to place on the recipient of such a request. Essentially you will be sending them on a wild goose chase which is against the intent of the law, which is to give people control over their data, not for people to harass random companies, even more so to do this in an automated way.

You can of course go and approach this from a legalistic point of view, but that's usually not how things work in the EU; if you are going to split legal hairs to see how you might be able to get away with something, then you will be in for a surprise.

But don't take my word for it, feel free to build and launch the service and we'll see if it flies. For $40 I'll pass :)
