[MattPalmer1086]

You're mostly right.

Hardcoding a key would be a bad idea. You would need some way to rotate keys. Maybe also encrypt the actual data encryption keys under another key encrypting key.

But this only defends against attacks which can't get that key (e.g. a SQL injection attack that just dumps table contents).

Having said that, you only need to decrypt if you want to send an email, for logging in you could just store a one way salted hash.

More importantly, this is a lot of effort to protect data that isn't usually regarded as that sensitive (unlike the passwords). If I had the security budget to do that, I'd almost certainly spend it on something else.