GDPR related data must also have a read protection, e.g. you can see the customer number, the city but not street and social security number. Hence it must be encrypted.

But if you encrypt it, you can also use different keys per customer and deleting data is then equivalent to throwing away the encryption key.

But this question is beside the Lambda/Kappa question, it applies to both.