As has been pointed out elsewhere, DMA isn't a privacy regulation. It is simply about competition. You can be in 100% compliance with DMA and poor privacy protections. This is the crux of the problem. How do you preserve the privacy of your customers while complying with regulations where the simplest path is to compromise your customer's privacy?