A good proportion of applications on Anvil are internal or B2B, rather than websites and publicly available landing pages (beyond a login page). Therefore I think most GDPR implementations are specific to the circumstances which is why you might not find too many posts on the subject. So for this part of your question :
I am not aware of any built in Anvil mechanisms to deal with this for your applications. What Anvil do for theirs is, I think, indicated in this post :