Now compliance is largely handled by the tool makers, and the Yoga studio can focus on their business case and any custom coded extensions to ensure they remain compliant. (For popular stuff like Apache, compliant configurations are probably already available or will be shortly, once we all figure out if we are allowed to keep logging IP addresses by default.)
I'm not sure I understand the email jab; obviously you can store data, you just must obtain consent first, and must allow the data to be deleted on request. That's an opt-in mailing list with an unsubscribe feature that actually works and properly deletes the relevant data. Why should that be difficult for a small business to do right?
You just gave a perfect example of why GDPR will hurt startups and innovation.