diff --git a/src/user_management/user.rs b/src/user_management/user.rs
index bdfa85a..56695b3 100644
--- a/src/user_management/user.rs
+++ b/src/user_management/user.rs
@@ -363,6 +363,42 @@ impl<UserData: Serialize + DeserializeOwned> RegisteredUser<UserData> {
         Ok(())
     }
 
+    /// Permanently delete this user and all their data
+    ///
+    /// Permanently remove all traces of this user from the database, including:
+    /// * User data associated with their account
+    /// * Any certificates linked to their account
+    /// * Their username (which is freed for other users to take)
+    /// * Their password hash
+    /// * ~~Any happy memories you have with them~~
+    ///
+    /// If you're not using [`UserManagementRoutes`], it's strongly recommended that you
+    /// expose some way for users to delete their accounts, in order to appropriately
+    /// respect their privacy and their right to their data.
+    ///
+    /// If you *are* using [`UserManagementRoutes`], your users already have a way of
+    /// deleting their accounts!  Just direct them to `/account`.
+    ///
+    /// # Errors
+    /// Can error if the a database error occurs
+    pub fn delete(self) -> Result<()> {
+        let certificates = self.all_certificates();
+
+        (&self.manager.users, &self.manager.certificates).transaction(|(tx_usr, tx_crt)| {
+            tx_usr.remove(
+                self.username.as_str(),
+            )?;
+            for cert in certificates {
+                tx_crt.remove(
+                    cert,
+                )?;
+            }
+            Ok(())
+        })?;
+
+        Ok(())
+    }
+
     #[cfg(feature = "user_management_advanced")]
     /// Check if the user has a password set
     ///