This topic came up before in https://github.community/t5/GitHub-Pages/How-to-deal-with-GDPR-on-github-pages-based-blogs/m-p/7719 but a couple of key points weren't answered satisfactorily, IMO.
One has to assume that github pages keeps a log of requests for each page that includes user IP address, timestamp, URL, etc.
How long are those logs retained, and how can a site owner request to have entries in those logs removed as per the GDPR requirement for "right to be forgotten"?
Solved! Solved! Go to Solution.
Followup -- got a response from the Github support team. GDPR support (including Data Protection Agreement) is available for corporate accounts that sign the corporate terms of service. https://help.github.com/articles/upgrading-to-the-corporate-terms-of-service/
Did they also drop anything about private users or developers outside an organization context?
GDPR does apply at least to those devs as well, and this actually sounds like those devs wouldn't be able to host anything on GitHub Pages for an EU audience.