I struggled with a client over this for a few weeks. We built an HR app together (for annual performance reviews etc) where it was important to maintain some records after a user was gone. In this case, the company is the customer and when they close their account we can export their data and remove it all (payment is done offline). But, for individual employees in the system, we needed to protect the company by keeping an audit trail (i.e., in case that employee sues for unfair dismissal etc).
Since everything (plans, reviews, surveys, action etc) in the system relates to a user we came up with a simple rule: you can only delete users that haven’t affected the state of the system (no survey responses, committed plans etc); otherwise those users are archived (& hidden). This maintains the audit trail and database integrity, but hides those users that have left the company.
Having done this work, I can say that it’s much simpler to delete all the account information if at all possible. Keeping some bits and hiding them, de-normalising them or excluding them from “active” queries, is a road straight to “edge case city”.
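
The delete-or-archive rule described in the comment above, sketched as an added example (not the commenter's code). The table, view and function names are assumptions, and SQLite stands in for whatever database the app used; the foreign key, rather than application logic, decides whether a user has "affected the state of the system".

```python
import sqlite3

# Hypothetical schema: survey_responses stands in for any record that
# "affects the state of the system" and must stay in the audit trail.
SCHEMA = """
CREATE TABLE users (
    id INTEGER PRIMARY KEY,
    name TEXT NOT NULL,
    archived_at TEXT              -- NULL means the user is still active
);
CREATE TABLE survey_responses (
    id INTEGER PRIMARY KEY,
    user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE RESTRICT,
    answer TEXT NOT NULL
);
-- Everyday queries read this view so archived users stay hidden.
CREATE VIEW active_users AS
    SELECT id, name FROM users WHERE archived_at IS NULL;
"""

def remove_user(conn, user_id):
    """Hard-delete a user nothing refers to; otherwise archive and hide them."""
    try:
        with conn:  # commit on success, roll back on error
            cur = conn.execute("DELETE FROM users WHERE id = ?", (user_id,))
        return "deleted" if cur.rowcount else "not_found"
    except sqlite3.IntegrityError:
        # The foreign key blocked the delete: audit rows depend on this user.
        with conn:
            conn.execute("UPDATE users SET archived_at = datetime('now') "
                         "WHERE id = ? AND archived_at IS NULL", (user_id,))
        return "archived"

def demo():
    """Run the rule over constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")  # SQLite leaves FKs off by default
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO users (id, name) VALUES (?, ?)",
                     [(1, "alice"), (2, "bob"), (3, "carol")])
    conn.execute("INSERT INTO survey_responses (user_id, answer) VALUES (1, 'agree')")
    conn.commit()
    results = {uid: remove_user(conn, uid) for uid in (1, 2, 99)}
    active = [row[0] for row in conn.execute("SELECT name FROM active_users")]
    kept = conn.execute("SELECT COUNT(*) FROM survey_responses").fetchone()[0]
    return results, active, kept

if __name__ == "__main__":
    print(demo())
```

Any query that reads `users` directly instead of `active_users` will surface archived people again, which is one concrete form of the edge cases the comment mentions.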