Does the GDPR actually express a right to account deletion? My understanding is that it expresses only a right to erasure in a limited set of circumstances. Given that comments are public, I think it may be possible to deny the right to erasure on the archival exception.
However, upvotes are currently private, and cannot be removed after some length of time. I wonder if this would mean they should be made removable (or at least the record of them in a user's account).
