Thanks In Omnibus I appreciate your detailed response.

voyger we too have decided that a direct personal request to delete a user will be considered but we won't use the option for a user to delete themselves.

hope you all don't mind if i share.my view. on the registration form user should agree the privacy once a user register users cannot automatically delete their accounts at less they ask a member of the staff to be delete certainly i will not let a banned user to delete there account,
i agree with In Omnibus

I'm not. I won't be complying with unreasonable European regulations when it isn't necessary. I don't sell or market or conduct research in the E.U. In fact, I don't sell or market or conduct research anywhere. My sites are strictly for entertainment purposes. The only reason any data is collected is to improve the experience of users. They volunteered to register, agreed to the terms of service, privacy policy, copyright policy, and site rules. In those the data collected and the purpose is clearly stated. It is also clearly stated the sites do not delete data. It is retained for historical purposes. If the E.U. regulator wants to come at me because I refuse to delete an IP address and an email address I welcome them to prove damages in a court of law. I''m bound by United States law, not EU regulations. Having said that I realize there are those who are bound by EU regulations and who are not interested in challenging the EU regulator. I have it on good authority that even if a site violates the GDPR the regulator will first send a warning notice with a chance to fix the issue(s), then a formal notice, then a legal notice, and the fines are a fourth option, not the first option. My question for the regulator is: If those conducting business in the EU / EEU ban a member how are they supposed to keep track of that if the member can delete all of the account data? Are businesses supposed to allow banned users to delete their data and create infinite new accounts to protect the individual with no regard for the business? That doesn't pass the legal reason test.

So, if you dont mind me asking, are you not going to let your users automatically delete their accounts with the new GDPR/EU options?

5.3 was released over a year ago. I am guessing you mean 5.4.3.

Banned users can do what you give them permission to do. If you want to give them the permission to modify their user settings and remove consent (if they live in the EU) and have automatic deletion set up, then they will be deleted after three days. Three days is the default cooling off period.

Because if a banned user could remove their account there would be no record of who was banned.

They could delete their account and make a new one five minutes later.

It's bad practice to allow users to delete their accounts.