My website is an old one which lots of random nooks and crannies - I'm not being as pro-active as I can be when it comes to abiding by the law - I could, for instance have taken down all my stuff any only re-uploaded it after auditing if it checks out.
Scattered around the site there are still some embeded images/media from other domains I don't control. I can't guarantee that I've gotten rid of all of them, and I don't know what they might be tracking. If you find something, let me know and I'll sort it out ASAP.
I try to make sure I personally keep none of your private data. This website is static except for at least one of the games:
Primitive Pattern keeps a list of IP addresses (not timestamped) to prevent repeat 'voting'. I made this project a long time before GDPR was on the horizon and I don't know if it's compliant or not.
A couple of games, like puzzlescript games, will store savegame locally on your computer (via local storage, or in the case of Flash games, flash local storage) - I don't do anything with this data, it remains on your computer and only the game that made it will ever access it.
It's possible my webserver keeps logs of access with date and IP address of every access. This is necessary for security reason to diagnose hacking attempts. Ideally they'd be cleared after a couple of months, but I don't out understand the details of how my (apache) webserver operates. Maybe in time I'll figure it out and be able to update this.