What happens to your data when a user account is deleted?


This post was originally written in German by the German Federal Youth Council.

Nextcloud is free software for sharing and collaboratively working with files, appointments, tasks, chatting, video conferencing, collaborating and much more. Nextcloud scales from small teams to many thousands of users – and even quite simple web hosting packages allow small organizations and teams to work together very well. Your own Nextcloud server can perfectly interact with other Nextclouds, Pydio’s and others: Networking beyond the limits of one’s own server has already been thought through.

In Nextcloud, files can be shared in many ways: privately, publicly, across clouds, with and without write permissions, with expiration dates, keywords and explanatory notes. This screenshot shows a few of the possibilities.

My data belongs to me! The empowering approach of Nextcloud

Nextcloud was born from the idea that users should remain in control of their data. Large commercial providers store data in some data center (and you have no control over where that is). With Nextcloud, it’s different: You decide whether you want to install “the cloud” at home or somewhere else.

Teams work together, but not forever

Teams are not constant – sometimes new people are added, sometimes they leave. What does this mean for collaboration based on Nextcloud? When new people join, things are usually quite simple: you add them to groups (which are set up for the whole instance) or circles (groups created by users), or you individually share the relevant files. The question is, however, what to do when people leave a team. In our experience, there is a lot of uncertainty here about the data that was created during the time together.

What happens to files when a user account is removed?

We have looked into this and would like to introduce you to the different possibilities. Basically, user accounts can be either deactivated or completely deleted. “Deactivated” means that this person can no longer log in, but that the created files are still available – even for those with whom something was shared or created together.

User accounts can either be deactivated or completely deleted.

Whether data is still available for team members when an account is completely deleted depends on the storage location.

  1. Case 1: Files created by the user themselves are deleted with the user account.
  2. Case 2: Files created by the user which have been shared with other users are also no longer available for the other users when the account is deleted.
  3. Case 3: Files created by the user, shared with others and already edited by them: the user who created the file also owns the data here – and thus these files, including all edits, are deleted when the original user account is deleted.
  4. Case 4: Files created by the user, but which are stored in a folder created by another user and shared with others: here the origin of the folder determines what happens – if someone else created it (and shared it with the account to be deleted), the files remain.
  5. Case 5: Files created by the user, stored in a group folder: a group folder has been created by someone else (the system administrator) and therefore files created here remain unless explicitly deleted, independent of the people who created or edited the files.

So what to do if a colleague is leaving your team?

If case 2 or 3 is a problem for you, you can prevent the loss of data: someone with whom the files were shared can download them and then upload them again (as their own files or in a group folder). This way may not seem convenient, but as a small trade for the higher protection of your own data, it’s quite acceptable.

System administrators have of course a way to ensure no data at all gets deleted when an account is deleted: the Transfer Ownership function can move ownership of all data from a user who’s account is to be deleted to another account. You can read about this in the documentation.