This was an eye opener to me and perhaps kids stuff for you, if you are are well versed in GDPR and blockchain.
Basically this article comes down to the fact that GDPR requires an institute the ability to erase pesonal data from the past. However Blockchain depends on historic transactions that cannot be changed and on top of that there is no institute since it’s decentralized.
So Blockchain is not meant to store personal data or better only the hashes of personal data
You can read the article here