Old style solution
"Select *" will return data in clear text even if you use database encryption. The data is encrypted only on disk. In the case of SQL Injection, the attacker will copy all your private data.
"Select *" on backend SQL will return encrypted data. Personal data can be fetched only by using Databunker API after passing numerous security checks.
Node.js example implementing Databunker and Passport.js:Example
Solutions for popular use cases
Databunker will help you to comply with the following GDPR user rights
Right to be informed
Right of access
Right to rectification
Right to erasure
Right to restrict processing
Right of data portability
Right related to automated decision making including profiling
Right to object
A special service to store personal data.