I thought once of using NNTP for comments (the blog messages themself can also be readable with NNTP). You can have a link from a static web page to separate page that displays read-only comments, and has instructions to post (you could also use iframe, although I do not recommend that; a normal link would do better, I think). That is what I wanted to do, at least.

(I don't know about GDPR, though, sorry)