1) What is the basis on which we can declare that we are GDPR compliant?
2) What is the method of self-declaration? Can we declare it on our website?
3) Are we supposed to communicate with DPA about the compliance?
My advice would be to refrain yourself compliant with the GDPR. Is the same thing as declaring that you comply with the Tax Code or Criminal Code or any other piece of legislation. Another reason for not stating this is the fact that you might be challenging people to prove that you may have still some work to do.
And, last but not least don’t go proactively to a Supervisory Authority and state that you are compliant you may involuntarily trigger an audit.
Don't mistake GDPR with some kind of certification because it is not.