You can delete your account yourself at any time. This is a hard delete — the data is gone afterwards, no soft delete, no restore.
Where
On the profile page at the very bottom, in the red-bordered "Delete account" section.
What you need to enter
Two security steps to prevent accidental deletion:
- Type your email to confirm. Exactly the address you are signed in with.
- Your current password.
Plus a browser confirm dialog on click, which you dismiss before anything actually happens.
What happens on deletion
| What | What happens |
|---|---|
| Your user record | Hard-deleted |
| All active subscriptions | Hard-deleted |
| All past subscriptions | Hard-deleted |
| All API keys | Hard-deleted (CI pulls receive 401 from then on) |
| Your download log | Hard-deleted |
| Your session | Signed out |
| Email hash on blacklist | Stored |
What the email blacklist does
To prevent a formerly registered and deleted address from being used again freely, we store a salted, slowly derived hash of the address. This is the same hardening approach used for passwords: a random salt per entry plus PBKDF2 with a high iteration count, making brute-force attempts prohibitively expensive even in the event of a database leak.
We do not store the email itself.
If you want to come back after deletion:
- Use a different address — the easy path.
- Write to us at [email protected]. We will remove the blacklist entry manually if you can justify the request.
Privacy background
More on the GDPR perspective at Privacy and GDPR.