I have a question/concern about the workings of Elasticsearch and the GDPR. In the GDPR you have the right to be forgotten. Let's say I am a server owner and I have some personal information, which the owner has requested to be removed. When I mark the data for removal, the data isn't immediately removed from the disk, but removed at search time later. Can this be a problem when looking at GDPR compliance?
Technically, if you mark something as removed, then turn off the cluster for 1 year, you could still read the data from the disk which was supposed to be removed. Where can I find specific information about this topic?
I'm unsure if I've looked at this correctly. Can anyone have a look at the question?