• BrainDonor - Monday, October 1, 2018 3:54 AM

    Depending upon how the data is backed up, it can be technically difficult to do such a thing. I certainly don't fancy the idea of restoring my 7TB databases from each of the dozen or so backups, to remove a person's data and then re-create the backup. Just to have another request land a few minutes later.
    So, one option is to keep a separate file that can be used to identify a customer, for the purposes of removal only. If a backup is restored then a process must run immediately that removes the person's data, as identified by this separate file.
    When a person makes a request to have their data removed it must be made clear to them that it will still exist in backups, that the backups are secure and if the backups are used then their data will be removed before any processing against that restored data can commence.

    Pretty much how things work in call centres. Anything you do, and any dataset, is always matched against the national (and internal, if kept) Do Not Call list, held in a separate system, and the data cleansed. It soon becomes second nature.

    I'm a DBA.
    I'm not paid to solve problems. I'm paid to prevent them.
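The restore-time purge described in the comment above, as an added example that is not the commenter's code or any product's implementation. It assumes a SQLite database with a `customers` / `orders` schema and a ledger stored as JSON lines; the ledger holds a keyed hash of each subject's normalised e-mail (`subject_token`) rather than the e-mail itself, so the "separate file" is not a second copy of the PII it exists to remove. `apply_erasure_ledger` is the process that must run straight after a restore, and `restore_is_cleared` is the gate a job checks before processing the restored data. The key, schema and sample rows are all constructed for the example.

```python
"""Erasure ledger applied to a freshly restored backup (illustrative example)."""
import hashlib
import hmac
import json
import sqlite3
from datetime import datetime, timezone

# Hypothetical ledger key. In practice this comes from a secrets manager and
# is never stored alongside the backups or the ledger file.
LEDGER_KEY = b"example-ledger-key-do-not-use"


def subject_token(email: str, key: bytes = LEDGER_KEY) -> str:
    """Keyed hash of the normalised identifier, so the ledger itself holds no PII."""
    return hmac.new(key, email.strip().lower().encode(), hashlib.sha256).hexdigest()


def write_ledger_entry(email: str, key: bytes = LEDGER_KEY) -> str:
    """One JSON line for the erasure ledger; append it to the ledger file."""
    entry = {"token": subject_token(email, key),
             "requested_at": datetime.now(timezone.utc).isoformat()}
    return json.dumps(entry)


def make_sample_restore() -> sqlite3.Connection:
    """Constructed stand-in for a database that has just been restored from backup."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT NOT NULL, name TEXT);
        CREATE TABLE orders (id INTEGER PRIMARY KEY,
                             customer_id INTEGER NOT NULL REFERENCES customers(id),
                             amount REAL);
        INSERT INTO customers VALUES (1, 'alice@example.com', 'Alice'),
                                     (2, 'Bob@Example.com',   'Bob'),
                                     (3, 'carol@example.com', 'Carol');
        INSERT INTO orders VALUES (10, 1, 9.99), (11, 2, 20.0), (12, 2, 5.5), (13, 3, 1.0);
    """)
    return conn


def apply_erasure_ledger(conn: sqlite3.Connection, ledger_lines, key: bytes = LEDGER_KEY) -> dict:
    """Remove every subject in the ledger from the restored database.

    Runs as one transaction, deletes child rows before parent rows, and writes
    a restore_audit row so that restore_is_cleared() can be checked before any
    processing starts. Returns the counts for logging.
    """
    tokens = {json.loads(line)["token"] for line in ledger_lines if line.strip()}
    # Expose the same keyed hash to SQL so the match is done row by row in the engine.
    conn.create_function("subject_token", 1, lambda e: subject_token(e, key))
    with conn:
        conn.execute("CREATE TEMP TABLE erasure_ledger (token TEXT PRIMARY KEY)")
        conn.executemany("INSERT INTO erasure_ledger VALUES (?)", [(t,) for t in tokens])
        orders_removed = conn.execute("""
            DELETE FROM orders WHERE customer_id IN (
                SELECT id FROM customers
                WHERE subject_token(email) IN (SELECT token FROM erasure_ledger))
        """).rowcount
        customers_removed = conn.execute("""
            DELETE FROM customers
            WHERE subject_token(email) IN (SELECT token FROM erasure_ledger)
        """).rowcount
        conn.execute("""
            CREATE TABLE IF NOT EXISTS restore_audit (
                purged_at TEXT, ledger_entries INTEGER,
                customers_removed INTEGER, orders_removed INTEGER)
        """)
        conn.execute("INSERT INTO restore_audit VALUES (?, ?, ?, ?)",
                     (datetime.now(timezone.utc).isoformat(), len(tokens),
                      customers_removed, orders_removed))
        conn.execute("DROP TABLE erasure_ledger")
    return {"ledger_entries": len(tokens),
            "customers_removed": customers_removed,
            "orders_removed": orders_removed}


def restore_is_cleared(conn: sqlite3.Connection) -> bool:
    """True only if the erasure ledger has been applied to this restored copy."""
    row = conn.execute(
        "SELECT COUNT(*) FROM sqlite_master WHERE type='table' AND name='restore_audit'"
    ).fetchone()
    if row[0] == 0:
        return False
    return conn.execute("SELECT COUNT(*) FROM restore_audit").fetchone()[0] > 0


if __name__ == "__main__":
    ledger = [write_ledger_entry("bob@example.com"), write_ledger_entry("nobody@example.com")]
    db = make_sample_restore()
    print("cleared before purge:", restore_is_cleared(db))
    print("purge result:", apply_erasure_ledger(db, ledger))
    print("cleared after purge:", restore_is_cleared(db))
```

The lookup hashes the live e-mail column on every row, which is fine for a demonstration but not for a 7TB restore; there the same idea is usually applied by keeping the keyed token as an indexed column in the primary system so the restored copy can be joined against the ledger directly. Normalising the identifier (trim, lower-case) before hashing is what lets the request for `bob@example.com` match the stored `Bob@Example.com`.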