diff --git a/scripts/gdpr-delete-users.js b/scripts/gdpr-delete-users.js
index c512a58416..25de6fd472 100644
--- a/scripts/gdpr-delete-users.js
+++ b/scripts/gdpr-delete-users.js
@@ -35,15 +35,14 @@ async function deleteAmplitudeData (userId, email) {
 
 async function deleteHabiticaData (user, email) {
   const truncatedEmail = email.slice(0, email.indexOf('@'));
+  const set = {
+    'auth.local.hashed_password': '$2a$10$QDnNh1j1yMPnTXDEOV38xOePEWFd4X8DSYwAM8XTmqmacG5X0DKjW',
+    'auth.local.passwordHashMethod': 'bcrypt',
+  };
+  if (!user.auth.local.email) set['auth.local.email'] = `${truncatedEmail}@example.com`;
   await User.update(
     { _id: user._id },
-    {
-      $set: {
-        'auth.local.email': user.auth.local.email ? email : `${truncatedEmail}@example.com`,
-        'auth.local.hashed_password': '$2a$10$QDnNh1j1yMPnTXDEOV38xOePEWFd4X8DSYwAM8XTmqmacG5X0DKjW',
-        'auth.local.passwordHashMethod': 'bcrypt',
-      },
-    },
+    { $set: set },
   );
   const response = await axios.delete(
     `${BASE_URL}/api/v3/user`,
@@ -78,6 +77,7 @@ async function processEmailAddress (email) {
 
   const socialUsers = await User.find(
     {
+      'auth.local.email': {$not: emailRegex},
       $or: [
         { 'auth.facebook.emails.value': email },
         { 'auth.google.emails.value': email },