[tomudding]

While I personally believe the questions stated were perfectly reasonable (and could have been genuine questions from someone), I can understand that people feel (legally) pressured to provide answers to the questions. Which puts this study in a grey area.

With regard to GDPR, the "respond within x" is simply not applicable. The one month period is strictly for any requests concerning Article 15 through 22 and none of the questions are talking about any of that.

Now, if one of the questions was something along the lines of "do you process any information related to me?" then it would potentially fall under Article 15.1 and would require a timely response. IANAL, however, I think in such cases you could simply point to a privacy policy, which you are already required to have.