Is it really such a big problem in b2b? Can't you be only the Processor sign a DPA with your customers and let them handle the biggest part of the headache?
yes. I am a data processor not a controller. If you store data tied to the user you still need a mechanism to retrieve / delete it. This is something I encountered. Even if it is in reality not an issue and by itself the data is meaningless. Perhaps I need better legal advice :)