We are not a legal firm, but have engaged client’s legal firms on this matter, and as there are standard contractual clauses within Bubble’s agreement, then this would be suffice for implementation of GDPR in their applications while using shared infrastructure.
The legal firms engaged has stipulated and reviewed these Bubble clauses and thus recommended their clients to engage / continue with Bubble re European data.
Note further for reference:
In addition, like your screenshot, Bubble are not inherently GDPR European compliant, as there is additional steps a Bubble Developer, would have to implement, i.e privacy rules, data retention, deletion of user personal data. These can be implemented in a programmable way, thus you can make your application compliant with the current tools on shared infrastructure.