It seems that the email address and other personally‑identifiable information (PII) is removed when a accepted user is deleted.
However when an applicant is rejected, without ever having become a user, the same is not true. Their information remains in the review logs. I believe this to be the case.
Can I delete this application information manually? If not, have I identified a bug? Any help gratefully accepted.
An applicant is some who applies to join our forum after consenting to several conditions as determined by checking boxes (covering such things as the site licensing). This application is then subject to review by site a moderator. See ☰ ▸ Review ▸ Pending.
On our forum, those with an institutional email address get waved thru and those with a private email address (invariably gmail) get a separate email asking what their interest in the forum is (open energy system modeling as it happens, see here with about 1400 subscribers).
Those that are rejected end up with Status = Rejected. But their application details remain: real name (not confirmed), institution (optional), and email address (verified via the screening process, presuming they do reply). HTH.
Just to add that this is a GDPR issue. The site in question is so modest that the GDPR might not apply, but most Discourse sites served from the European Union will have to actively comply with European data law.
Are you looking for this to be an instant delete, or possibly manual or after a certain amount time?
I can see the benefits in retaining the information in case of multiple applications or checking against errors, but I can see that this would be less useful the longer it sits there.
My particular use case is a bit unusual. An applicant entered their system password in the “Institution” field as part of their registration process. I sent a follow‑up email back, prepared using emacs macros, that included their institution details in the “To:” line of that email. In plain text. Oops! As a result, the applicant asked me to immediately delete their entire application. (I think the applicant uses one password in multiple contexts, not good practice of course.)
So the feature I seek would only apply to rejected applications and would be undertaken manually at the full discretion of an administrator.