Difficulty of deletion
I was under the impression that the original DPA (before being overtaken by the GDPR) required that data be deleted, provided it was not too onerous to do so. Thus a person's record could be deleted from a live database and the hot standby, but allowed to remain on the backup tapes, because deleting a record from the middle of a tape archive was considered to be too demanding. Were records to be restored from the backup tape, the subject's record should not be restored, or deleted again if restored.
The same was true of Subject Access Requests and Freedom of Information Requests. The responder could claim the task of providing the information was too difficult/expensive to justify. For example, the Met Police in the UK are only now going to record the ethnicity of people they stop in cars, so previous requests to them to state the proportion of Black and People of Colour who were stopped compared to White people could be rejected on the grounds that 'we do not record that data':
https://www.theguardian.com/uk-news/2021/jan/18/met-police-to-start-recording-ethnicity-of-people-stopped-in-cars
This only after several cases of high profile Black people being stopped for apparently no good reason (MET discovers that 'Driving While Black' is shockingly NOT a crime).