Users can read out hidden folders for wich they do not have reading permissions! What can we do?

Dear all,

I have a Groupfolder problem…
We want to use subfolders and we want that specific users have specific permissions for reading or writing the folders or files in the groupfolders.
With the Groupfolders Extension and it´s user rights settings it is possible to set up the folderstructure as we want it to be, for example like this:

Group folder company location Berlin (rootfolder)
  ├── Administration
        ├── Accounting
  ├── General information
        ├── Weekly menue in the canteen
  ├── Projects
        ├── Project A
        ├── Project B

If a specific user has NO permissions for one specific subfolder (no READ, no WRITE,… permissions) he will not see this folder (This behavior is OK!) but he still can copy the root folder to another “private” folder in his nextcloud instance then all folders and files will be copied!
Also the folders for which he has no reading permissions! So he easily can read out files he should not have access to!
Please help!
Thank you!

In my Example folder structure the projectmanager fpr project A should not have access to folder Projet B and projectmanager for project B should not have access to folder Projekt A.

All employees shoud see the root folder Group folder company location Berlin.

The employees of accounting group should have access to Administration folder as only user group and but they should not have access to any Projects. All others (for example projectmanagers) should not have access to the accounting folders/files.

But all employees should have access to the Folders in General information folder.

Please help!
Thank you!
Kind regards!

Maybe also check this post/request: