I just went through the "how do I delete unused patch's from server automatically" process with support this week.
It seems like under jobs/tasks - patch - integrity check, if you have the box checked for
"Delete the updates that are no longer in use from the file system"
Then once a patch is not used in a policy (i.e. the policy is deleted), and if you go to the superseeded report in the remediation center and right click on the superseeded bulletin and click "disable" then the patch does get removed from the server the next time you have your integrity job scheduled to run (I think default is 1x a week).
If you disable a bulletin in the superseeded report, but leave it in an active policy (even if it's unchecked in the policy), it doesn't seem to delete in my testing. I have some patch policies that have several patches in them is how this came up, some were superseeded, others weren't.
In my site server settings, package service, "Delete package files if they are unused for" is completely unchecked for me, and those patches do delete. I have a lot of packages (not patches) that don't necessarily get used often so I didn't want to check box.. I think. Still trying to figure things out myself.
If anyone has anything to add regarding best practices here, please feel free to share. Thanks.