Yeah, my point is just that the way databases have been developing recently has been towards eliminating mutation and deletion. The GDPR’s conception of deletion is fundamentally opposed to these models.
However, you can sort of match the two by storing personal data in a separate key-value map, using the (random) key from that map to link your data to the personal data and then just deleting the map entry when someone asks to be forgotten.
The annoying part is retrofitting data scrubbing into things like data warehouses and other systems of record, without accidentally deleting data you have a legal obligation to retain to satisfy, e.g. anti-money laundering laws or audit requirements.
