So just to follow up on my request to Epic for any and all information they had collected on me - they delivered. They did their due diligence, requiring me to confirm some stuff before providing any data (hey, someone at least pretends to care about security!), and provided a PDF with a clear and concise overview of my account info: display name, first and last name, account ID, account status, date of account creation, list of failed logins, any registered addresses, devices, sessions, IP addresses, user names for linked external accounts (and region for my PSN user), account history (a list of significant account actions - linking of external accounts, creation of the account, etc.), "entitlements" (the stuff I own through the Epic store, I guess?), a list of the agreements I've accepted and the date and time of this, payment info, tax info, transaction history (free games don't count as transactions, apparently), and code redemptions.
To sum up: this contained nothing I haven't directly provided them with myself. Certainly no usage logs or system data.
They also sent a .zip file containing the files "profile.html" and "profile.json". The json file contains this: "[ ]". Yeah, that's it. The html contains the necessary html code to make the background black and print "No Profile Data Available".
Of course, trusting this to be the end of things requires a few assumptions:
a) that Epic is actually sending me all the data they have.
b) that the short time I've had the app open is enough for any hidden shenanigans to activate itself.
So, tl;dr: they were helpful and did indeed send over the required data, and none of it looks fishy. On the other hand, there's no way of knowing if they're omitting anything.