Mkay, so from your own link:
The ECJ closed by phrasing its holding broadly. It stated that dynamic IP addresses held by a website operator constitute personal data as long as the operator has “the legal means which enable it to identify the data subject with additional data which the [ISP] has about that person.” Thus, unless a statutory or other prohibition on ISP sharing of subscriber data exists, the ECJ’s holding creates a risk that IP addresses can be considered personal data.
Go ahead and ask the admin if he has any friends at an ISP in the Netherlands (assuming the site is still hosted there) who will slip him the address of someone given an IP address. Probably not, yeah? It's personal data for governmental/regulatory bodies who have the means to correlate the data by obtaining the additional info stored at the ISP. That ruling would only tangentially touch a challenge for a private website like this.
Anyhow, none of this has anything to do with the topic subject. Account deletion and scrubbing IPs from the logs are not necessarily correlated - one would, by default, probably be done without the other. Even if IP addresses were personal data in this scenario - which they would probably be ruled not to be, even if it was challenged - you would need to go through the processes outlined in the GDPR to get them removed from the site's logs.
HypnoMangaEditor said:
Yes, it is optional. However, if you opted to enter it, it is personal data that is stored in your account. Which means the site has to honor request to delete your account, not just the entry of the email address.
This doesn't make any sense. If they wiped the field, it would remove their personal information. Just because it was related to the account does not necessarily mean that the whole object needs to be removed. Think about the implications of that in a big relational database. Like at Amazon, you ordered a VSI on this host with an account on your email - are they supposed to get rid of records of the guest's existence because you asked them to take your email out? The
host? GDPR is about removing ways for a website to identify you if you no longer want them to be able to. If their data doesn't point back to your email at the end of it, they've complied.