I've got questions about GDPR and CCPA data deletion requests and backup sets. Its pretty straight forward to remove a person that has asked for data deletion from our production environment. My problem is our backup set and machine snapshots stored in AWS or Azure. I cannot find much information about whether or not we would be in compliance if we didnt delete data contained in encrypted/password protected incremental backup sets. Does anyone have any experience with this?