GDPR doesn't actually require that you delete date about anyone, it requires that you be able to dereference a user from their data after a defined period of time when you specifically request that your data is deleted.

This can include you having to directly contact the company in a way that isn't clearly visible within the app itself.