[noir_lord]

In our case it will likely mean that we have a defined documented procedure in place to remove the customers data within the specified period.

In terms of technical implementation it'll be a bastard (or result in us holding backups for a shorter period), dumping your DB backups will mean that you still have the data outside of the period (for a lot of places).

It's going to be interesting.

[mbrookes]

It's not just that you can no longer hold backups for an extended period as a form of pseudo archive, but that for those backups you do keep for operational restore purposes, you have to ensure that data that was deleted or redacted under the GDPR right to erase is not subsequently restored during a routine recovery, or is immediately deleted / redacted after the data set is recovered.

This (slightly ironically) will require keeping a record of what data has been deleted from production systems in response to "right to erasure" requests.