You can Encrypt sensitive data in the user profile in a Rule.
All users will have a user_id, including social logins. Linking accounts will maintain the user_id of the primary user, however the user_id of the secondary user will still be available in the user.identities array. This is outlined here: https://auth0.com/docs/link-accounts