I am recalling a topic that has been discussed serval times, but I am still very unsatisfied.
Regardless of e2e capability of nextcloud, I see a big risk of dataleak, when the database (mysql or sqlite) is copied - especially for stored contacts, calendar and notes.
It has been mentioned here
that it depends on CalDAV/CardDAV and that encryption of mysql-database would be to complex, but I don’t agree with that.
Nextcloud team says that it it is GDPR compliant, but I’m not sure about that point because of the way the data mentioned above is stored in unencrypted manner.
When someone sucessfully steals the database, this is a heavy breach regarding GDPR and it concerns personal information for sure.
How do here others think about that?