NTFS file owner is able to delete a file with read permission
In NTFS, owner implicitly and effectively (you can write DACL, granting yourself any permission) has full permissions on files (IIRC folders as well), despite DACL entries. Reference
Workaround is to use special SID in DACL: S-1-3-4 "Owner Rights"
It replaces implicit permissions with explicit ones defined by you.