Defining a Dynamic Data Mask (SQLServer) and Outsystems

Good afternoon,

I'm investigating a possible solution for GDPR compliance for one of our clients. I have a specific requirement that the database backups should have obfuscated data as well. I'm currently considering using Dynamic Data Mask (DDM) to protect all sensitive data on the database to this effect.

Another requirement is also that the client can opt out and have his data removed from our app. To this effect I'm considering the Data Anonymization from forge, not sure it will help me with this to be honest. Other solution might be on a soft delete just randomize sensitive data from the user in question and all audits.

Any sugestions or solutions anyone used?

Kind Regards.