diff --git a/backend/app/api/auth.py b/backend/app/api/auth.py index 1342a61..a1c13ee 100644 --- a/backend/app/api/auth.py +++ b/backend/app/api/auth.py @@ -97,10 +97,30 @@ def register(user_data: UserCreate, db: Session = Depends(get_db)): from ..models.user import VerificationCode from datetime import datetime - existing = db.query(User).filter(User.email == user_data.email).first() + # 활성 사용자만 체크 (삭제된 사용자는 재가입 허용) + existing = db.query(User).filter( + User.email == user_data.email, + User.deleted_at.is_(None) # 삭제되지 않은 사용자만 + ).first() if existing: raise HTTPException(status_code=400, detail="Email already registered") + # 삭제된 사용자가 있다면 완전히 제거 (동일 이메일 재가입 허용) + deleted_user = db.query(User).filter( + User.email == user_data.email, + User.deleted_at.isnot(None) + ).first() + if deleted_user: + # 관련 데이터 삭제 + from ..models import CarView, PerformanceCheckView, ChargeHistory, Inquiry, Notification + db.query(CarView).filter(CarView.user_id == deleted_user.id).delete() + db.query(PerformanceCheckView).filter(PerformanceCheckView.user_id == deleted_user.id).delete() + db.query(ChargeHistory).filter(ChargeHistory.user_id == deleted_user.id).delete() + db.query(Inquiry).filter(Inquiry.user_id == deleted_user.id).delete() + db.query(Notification).filter(Notification.user_id == deleted_user.id).delete() + db.delete(deleted_user) + db.commit() + # Check if email was verified (pre-registration verification) email_verified = False verification = db.query(VerificationCode).filter( 
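Review bot: The purge of the soft-deleted account runs before the email-verification lookup that follows it, so as far as this hunk shows, a registration request for a deleted account's email permanently removes that account's `ChargeHistory`, `Inquiry` and other rows before the caller has demonstrated control of the address. The purge is also committed on its own (`db.commit()`), so a failure later in `register` leaves the old data gone with no new user created. Consider moving the block below the verification check, gating it as `if deleted_user and email_verified:`, and replacing `db.commit()` with `db.flush()` so the purge commits together with the new user row. Whether billing records in `ChargeHistory` may be hard-deleted at all should be confirmed against retention requirements. The rest of `register` lies outside the hunk, so the verification outcome is inferred from the visible `email_verified = False` default.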
@@ -148,6 +168,22 @@ def login( headers={"WWW-Authenticate": "Bearer"}, ) + # 삭제된 사용자 체크 + if user.deleted_at: + raise HTTPException( + status_code=status.HTTP_401_UNAUTHORIZED, + detail="This account has been deleted", + headers={"WWW-Authenticate": "Bearer"}, + ) + + # 비활성화된 사용자 체크 + if not user.is_active: + raise HTTPException( + status_code=status.HTTP_401_UNAUTHORIZED, + detail="This account has been deactivated", + headers={"WWW-Authenticate": "Bearer"}, + ) + access_token = create_access_token(data={"sub": user.email}) return Token(access_token=access_token)
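Review bot: The new `deleted_at` / `is_active` checks only gate token issuance in `login`; a token issued before deletion or deactivation stays usable until it expires unless the token-validation dependency, which is not in this diff, applies the same checks. Because the token subject is the email (`{"sub": user.email}`) and this commit lets a deleted email re-register, an old token could also resolve to the new account if that lookup is by email. Consider enforcing both checks where the bearer token is resolved to a user, and using a stable identifier such as `{"sub": str(user.id)}` with the matching change on the validation side. The credential check that precedes these lines is outside the hunk, so it is assumed the distinct "deleted" and "deactivated" messages are returned only after the password has been verified.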