When you sign up, an account is created which remembers settings. If you then, for example, submit a News item, then when a moderator approves the posting your screen name will appear along with your avatar as the author of the news item. And when someone clicks the name or avatar they will see your User Profile page. There will eventually be controls to let you decide what appears on that page. Right now I think there's nothing there except the avatar. But there will be things like, whether or not you are an author, how many reviews you've participated in, and so on.
You usually have a privacy policy that users must accept when signing up. It must say which personal information you collect and what's used for. Emails, IP addresses, GitHub usernames and names are personal information. This is separate from the cookie policy, which should address cookies you set globally on the site. This privacy policy is scoped to a form, since users not signing up won't be given you any data.
I always thought it was stupid how every website has to ask about how many cookies you want, instead of just putting that in the browser as a global setting. A website cannot "invade the privacy of site visitors" without the help of the browser. All a website can do on its own really, without the user's input, is log your visits and whatever information the browser sends. But this conversation is veering into the political so I should shut up now.
There are several categories of cookies. Cookies you use for login are called functional and need no consent. Analytics and tracking cookies do, however. If you're using Analytics, you must provide a cookie banner, which by default disables these cookies unless the user explicitly hits accept. It's not GDPR compliant to make non functional cookies mandatory. Regards, Ruben.