Cloud Storage Deleted Your Files: India Recovery and Complaint Guide

Cloud storage is no longer optional. School certificates, EPF passbooks, GST invoices, family photos, the only copy of medical reports, and small-business order books often live inside one Google, Apple, Microsoft or Dropbox account. When that account quietly drops 47 GB because a payment failed, or a child pressed “Empty Trash”, the loss does not feel digital. It feels like a fire.

Six common causes:

1. Storage full and auto-purge of new mail attachments, new WhatsApp media, or new photo uploads while older files appear untouched until a folder sync reverses the impression.
2. Subscription lapse, where an upgrade plan ran out, the provider downgraded the account to the free tier, and files above the free quota were marked for deletion after a grace period the user did not see.
3. Accidental deletion or accidental “Move to Trash” by a child, a spouse, a colleague with shared-drive access, or a desktop sync client that mirrored a local delete to the cloud.
4. Account compromise, where an attacker reached the inbox or the cloud directly, changed the recovery email, and either ransomed or emptied the account.
5. Provider error, where a sync bug, a duplicate-file de-duplicator, or a forced migration on a Workspace plan wiped folders the user never touched.
6. Business loss, where a freelancer or a small firm lost client deliverables stored only in one personal Drive or Dropbox folder.

Each cause has a different recovery path. Angry tweets, “recovery experts”, or panic factory-resets turn a recoverable loss into a permanent one. In-window recovery first, then a written grievance.

Cloud “delete” is almost never instant. Every major provider keeps a soft-delete buffer because engineers, courts, and tax authorities can demand the data back. Buffer lengths:

• Google Drive, Photos, Gmail: items go to Trash and remain recoverable for 30 days. Empty-Trash or 30-day age moves them to a separate provider-side hold for a short additional window before permanent deletion.
• Apple iCloud Drive and iCloud Photos: items go to Recently Deleted for 30 days. iCloud Mail keeps deleted mail for 30 days. Notes, Reminders, and Safari tabs each have a separate 30-day Recently Deleted folder.
• Microsoft OneDrive personal: items sit in the Recycle Bin for 30 days (longer if you delete fewer than the daily quota). OneDrive for Business and SharePoint keep a first-stage Recycle Bin (93 days) plus a second-stage Recycle Bin the site admin can reach.
• Dropbox: deleted files are recoverable for 30 days on Basic and Plus, 180 days on Professional, and 365 days on Business and Enterprise plans.
• WhatsApp: WhatsApp itself does not store your chats. Backups live inside Google Drive (Android) or iCloud (iPhone) and follow that provider's Trash rules. A deleted backup is gone from the chat app the moment the next backup overwrites it.
• Telegram, Signal: Telegram chats are kept on Telegram servers until you delete them; secret chats and Signal chats are device-local and not in any cloud Trash.

If loss is less than 30 days old, recovery is self-service in the provider Trash. Past 30 days you need a written grievance, and for paid plans a deficiency claim.

Set a 30-minute timer. Work in order. Do not skip ahead, do not log in from a second device, do not “Empty Trash” anywhere.

1. Do not delete anything else. A second deletion can overflow the Trash quota and push the oldest item past the 30-day line by a day.
2. Do not pay any “recovery agent”. There is no paid service that can recover data the provider has already purged. Every legitimate recovery happens inside your own account.
3. Open a clean browser window on a laptop or desktop you trust, not the locked phone. Use a private or incognito window, and sign in only at the provider's official URL.
4. Screenshot the lock or “out of storage” message word-for-word, with the date and time visible. “Storage full”, “Your plan ended”, “We were unable to charge your card”, “Account suspended” and “Files removed” map to different desks inside the provider.
5. Pause sync on your desktop client. Right-click the Google Drive, iCloud, OneDrive or Dropbox icon in the system tray and choose Pause. This stops your computer from mirroring further deletions up to the cloud.

Match the message to one of these six buckets:

1. “Your storage is full” or “Out of storage” → quota-based lock. Files are not yet deleted, but new uploads are blocked. Free up space or upgrade, then check Trash.
2. “Your plan has expired” or “Subscription cancelled” → billing lapse. Most providers keep your data read-only for a grace period (Google: 7 days reduced quota plus a longer read-only window; Apple: 30 days; Microsoft: 90 days). Pay the bill or export quickly.
3. “Files were removed” or “Items in Trash” → simple deletion. Open the Trash, select all, restore.
4. “Suspicious sign-in” or “Account locked” with files missing → possible compromise. Treat as a security incident first, recovery second.
5. “We were unable to charge your card” → payment dispute. The card may have expired, or the bank declined an international charge. Fix the card, then check whether the provider has actually purged anything.
6. You see files you did not delete, or you cannot log in at all → likely takeover. This is the only path where you also file a cybercrime complaint.

Use only the provider URL below. Do not Google “Google Drive support phone India”, because the top results are usually paid ads from fake “recovery experts” who will ask you to install AnyDesk or share an OTP.

• Google Drive, Photos, Gmail: https://drive.google.com/drive/trash and https://photos.google.com/trash
• Apple iCloud Drive: https://www.icloud.com/iclouddrive (open the Recently Deleted folder in the sidebar)
• Apple iCloud Photos: https://www.icloud.com/photos (open the Recently Deleted album in the sidebar)
• Microsoft OneDrive: https://onedrive.live.com (open the Recycle Bin in the sidebar)
• Dropbox: https://www.dropbox.com/deleted_files
• WhatsApp backup (Android): https://drive.google.com/drive/quota (check the WhatsApp backup file size and date)
• WhatsApp backup (iPhone): Settings, your name, iCloud, Manage Account Storage, Backups.

Sign in only at the bare provider domain. If any URL during the recovery flow looks like drive-recovery.in or icloud-help.support, close the tab. Those are phishing pages.

1. Photos and videos first. They are the highest emotional and legal weight per gigabyte, and they are the easiest to lose to the next sync.
2. Documents next. Tax filings, school certificates, medical reports, ID scans.
3. Mail attachments if your loss was a Google Drive purge of “out of space” attachments.
4. Shared drives last. Restoring a shared folder triggers notifications to every collaborator. Do this once, not three times.

After a full restore, change your password from the same trusted device and turn on two-factor authentication. The new sign-in alerts you will start receiving over the next 24 hours tell you whether the original deletion came from a stranger.

Three statutes and one rule govern cloud-storage data loss. Cite them by section when you write your grievance.

Information Technology Act 2000, §43(d) and §43(g). A person who, without permission of the owner, downloads, copies, extracts, damages, deletes, alters, or causes deletion of data stored in a computer resource is liable to pay damages by way of compensation. §43 reads with §66 makes the same act, if dishonest or fraudulent, a criminal offence punishable with up to three years imprisonment or a fine up to five lakh rupees.

Bharatiya Nyaya Sanhita 2023, §318. Cheating by personation through a computer resource is the operative offence post-2024 for impersonation-driven data loss. Unauthorized deletion of data after a phishing or account-takeover attack is charged here, alongside IT Act §66 and §66D.

Consumer Protection Act 2019, §2(11). “Deficiency” includes any fault, imperfection or inadequacy in the quality, nature or manner of performance which is required to be maintained under any law, contract or assurance, express or implied. A cloud-storage provider that promised 30-day Trash and purged your files in 11 days, or that took a renewal payment and downgraded you anyway, has caused a deficiency in service.

Digital Personal Data Protection Act 2023, §11 (Right of access to information). The Act gives a Data Principal the right to obtain a summary of personal data being processed and the activities undertaken by the Data Fiduciary. While DPDP does not directly compel restoration, this section is the legal basis for asking the provider, in writing, what was deleted, when, at whose request, and whether any retention copy still exists.

Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021, Rule 3(2). Every “significant social media intermediary” and every intermediary that hosts user data must publish the name, contact, and address of a Grievance Officer, must acknowledge a grievance within 24 hours, and must dispose of it within 15 days (or 72 hours for content takedown requests, which sometimes applies to deleted-account appeals). Google, Apple, Meta, Microsoft and Dropbox each publish an India Grievance Officer page. This is your written escalation channel.

Before you escalate, collect every document below and store it outside the cloud you are fighting with. Email a copy to yourself on a different provider.

• Screenshot of the “out of storage”, “plan ended” or “files removed” message with date and time visible.
• Account email and account ID (your Google account ID, Apple ID, Microsoft account name, Dropbox email).
• Subscription receipts from the App Store, Play Store, or the provider billing page for the last 12 months.
• Bank or card statement showing the last successful charge, the failed charge, or a renewal that left your account but did not credit your storage.
• List of missing files, even if approximate (folder names, last known file count, last known total size in GB).
• Sync client log from the desktop app, if you used one. Google Drive log: %LOCALAPPDATA%\Google\DriveFS\Logs (Windows) or ~/Library/Application Support/Google/DriveFS (Mac). OneDrive log: %LOCALAPPDATA%\Microsoft\OneDrive\logs. Dropbox log: %APPDATA%\Dropbox\instance1.
• Recent sign-in activity from your account security page. Save it as a PDF.
• Family or staff list with access to the same account (helpful if the cause was a child or a colleague).
• Two-factor recovery codes you printed when you first set up the account, if any.
• For business loss only: client invoices, project deliverables, GST e-invoice IDs, or contracts that referenced the deleted files.

The order matters. Each step builds the paper trail the next step expects.

Use the Trash or Recently Deleted URLs in the 30-minute plan above. Restore everything you can, including items in folders you have not opened in years.

Every provider has a built-in “Contact support” or “Get help” link inside the account.

• Google: https://support.google.com/drive (use “Contact us” at the bottom; on paid Workspace plans, the response is in hours).
• Apple: https://getsupport.apple.com (choose iCloud, then the specific feature; Apple India phone line is also free).
• Microsoft: https://support.microsoft.com/contactus
• Dropbox: https://www.dropbox.com/support

For a billing-related deletion, choose “Billing”, not “Data recovery”. The billing desk can restore a wrongly downgraded account.

If the in-app ticket does not resolve the issue, write to the India Grievance Officer the provider is required to publish under IT Rules 2021 Rule 3(2). Each provider lists this officer on a public page:

• Google India Grievance Officer page on the Google India site.
• Apple India legal contacts page.
• Meta (for WhatsApp backup-linked issues) Grievance Officer page.
• Microsoft India Grievance Officer page.
• Dropbox India contact through the company's legal page.

Use the sample email below. The officer must acknowledge within 24 hours and respond within 15 days.

If your plan lapsed because a card payment failed and the provider purged data without the warnings their policy lists (most promise at least one email warning and a 7-30 day grace), two parallel paths:

1. Card chargeback under Visa or Mastercard or RuPay rules, raised through your issuing bank within 120 days of the disputed charge. Cite “Services not rendered” or “Cancelled recurring transaction” as the reason code. See RTI Wiki on https://righttoinformation.wiki/cyber-fraud-chargeback-visa-mastercard-rupay-india for the exact reason codes and the bank script.
2. UPI autopay reversal through your UPI app's “Autopay” section if the charge was an e-mandate.

If the provider stays silent past 15 days, register a complaint at 1915 or on the NCH portal. NCH escalates to the provider's India compliance team and usually generates a response within 7 days. See the RTI Wiki walkthrough at https://righttoinformation.wiki/nch-1915-consumer-helpline-india.

If you paid for a plan and lost data the provider was bound to keep, you have a deficiency-of-service claim under Consumer Protection Act 2019 §2(11). File at e-Daakhil (district jurisdiction up to one crore). See https://righttoinformation.wiki/edaakhil-online-consumer-commission-filing-india for the filing walkthrough.

This step is not for accidental deletion or for a billing dispute. File it only when:

• Recovery email or phone was changed without your action.
• You see sign-ins from a city or country you have never visited.
• Files were deleted in a single burst at a time you were not online.
• A ransom message appears.

In any of those cases, call 1930 within the first hour, register at https://cybercrime.gov.in. Cite IT Act §43, §66, §66C, and BNS §318. The script at https://righttoinformation.wiki/1930-helpline-cyber-fraud-script tells you what to say.

A clean rule keeps you from wasting a station visit. The cyber cell is the right route in exactly these cases:

1. Account compromise where the recovery factors were changed by someone else (IT Act §43 plus §66, BNS §318).
2. Ransom or extortion demand to unlock or restore your data (BNS §308 read with IT Act §66).
3. Impersonation, where the attacker is contacting your family or clients from your account (BNS §319, IT Act §66C and §66D).
4. Loss above one lakh rupees in a business-data context, since the FIR is needed for an insurance claim or a contractual write-off.

The cyber cell is the wrong route for:

1. A storage-full auto-purge.
2. An accidental child-clicked deletion.
3. A subscription lapse where the provider followed its published policy.
4. A sync bug that you can replicate on the desktop client.

For those four, the consumer route is the correct one, not the cyber route.

Copy this email, fill in the bracketed fields, and send it to the provider Grievance Officer with a copy to the in-app support thread and to your own backup email.

Send from a different mailbox so the response does not disappear into the broken inbox.

• Repeated sign-in attempts from many devices after a “Suspicious sign-in” lock. Each failed attempt extends the hold.
• Emptying Trash to “make space” in the middle of the recovery. Trash holds your only recoverable copy.
• Factory-resetting the phone in the hope that “syncing again” will pull files back. A factory reset deletes the local cache that might still contain files the cloud no longer has.
• Paying an Instagram or Telegram “data recovery expert”. Nobody outside the provider can recover files the provider has purged. Any service that claims otherwise is a fraud and a §66D BNS §318 offence.
• Installing remote-desktop tools (AnyDesk, TeamViewer, Quick Assist) at the request of a “support agent” who called you. No legitimate cloud provider asks for remote control.
• Sharing the OTP with the recovery agent. The OTP is the only thing standing between an honest recovery and an account takeover.
• Filing an FIR for a subscription lapse. The police will not register a cognisable case for what is a consumer-contract dispute, and the time spent at the station is time the e-Daakhil clock is running.
• Ignoring the 24-hour grievance acknowledgement window. If the Grievance Officer does not acknowledge within 24 hours, that itself is a separate IT Rules 2021 breach worth citing in your e-Daakhil filing.

Cheapest insurance: a written 3-2-1 backup plan:

1. 3 copies of every important file (original, plus two backups).
2. 2 different storage types (for example, the cloud and an external SSD).
3. 1 copy offsite (a different cloud, a relative's house, or a fireproof bank locker for an encrypted USB).

Concrete monthly habits that take less than 30 minutes a month:

1. First Sunday of the month: download a fresh export of your Google account from https://takeout.google.com or your Apple account from https://privacy.apple.com or your Microsoft account from https://account.microsoft.com/privacy. Store the archive on an external SSD.
2. WhatsApp: keep Google Drive or iCloud chat backup on, but also export each important chat as a text file once a quarter from WhatsApp, More, Export Chat.
3. Photos: enable a second photo cloud (for example, Google Photos plus iCloud Photos, or Google Photos plus a Synology home server) so no single provider can be the only home of family memory.
4. Subscriptions: keep a one-page list of every cloud plan, renewal date, plan tier, and card on file. Review it the day after every card renewal. A reminder on this exact day prevents the “expired card and silent downgrade” trap entirely.
5. Card on file: never let a five-year-old card be the only payment method for storage you cannot afford to lose. Add a backup card or a UPI autopay mandate.

Almost certainly not. Google Photos, Drive and Gmail each keep deleted items in a Trash for 30 days. Open https://drive.google.com/drive/trash and https://photos.google.com/trash on a laptop, select all, and Restore. Items older than 30 days are usually past the Trash window, but a paid Workspace plan has a longer internal recovery window your admin can request.

Apple keeps photos in Recently Deleted for 30 days. Open https://www.icloud.com/photos on a browser, sign in with the same Apple ID, open Recently Deleted in the sidebar, select all, and Recover. Then resubscribe to iCloud Plus before the 30-day window closes, since Apple may not move items back to your library if storage is still full.

A frozen OneDrive account keeps your files for 90 days, but the account is read-only, you cannot edit, upload, or open Office documents stored on it. You have 90 days to either delete enough files to come back under quota or upgrade. After 90 days, the account is permanently deleted, with no recovery.

Yes if you are within 30 days on Basic or Plus, 180 days on Professional, 365 days on Business. Open https://www.dropbox.com/deleted_files, filter by date, and restore. Then remove the ex-colleague from every shared folder, change your password, and turn on two-factor authentication. For a Business team, your admin can also see and restore events in the team audit log.

Possibly, but the trigger is almost always at the WhatsApp end, not Google. WhatsApp deletes its Drive backup if no new backup has been uploaded for one year, or if you signed in to WhatsApp on a different phone with a different Google account. Open https://drive.google.com/drive/quota and check whether a “WhatsApp Backup” entry still exists. If yes, reinstall WhatsApp on the same Google-account phone to pull it. If no, the backup is unrecoverable, and only a local Android backup file (sdcard/WhatsApp/Databases) can be restored.

This is the strongest deficiency case. Three parallel steps. One, raise a billing ticket inside the Google One account, attach the bank statement. Two, raise a card chargeback with your issuing bank within 120 days under reason code “Services not rendered”. Three, if Google does not restore within 15 days, file at e-Daakhil under Consumer Protection Act 2019 §2(11), since a deficiency that took your money and your data is the textbook case.

Yes. Unauthorized access plus deletion is an offence under IT Act §43(d) and §66, and if there was any impersonation (the attacker contacted your contacts from your account), also BNS §318. Call 1930 within the first hour, register at https://cybercrime.gov.in, and in parallel use https://iforgot.apple.com to start the Apple account recovery. Apple will not restore data without the security verification flow, so do not delay the iforgot step.

If you are on Dropbox Professional, you have 180 days. On Business, 365 days. On Basic or Plus past 30 days, you can still request a one-off recovery from Dropbox support, which sometimes succeeds within their internal retention window for a short period after the 30-day mark, but this is discretionary. In parallel, file at e-Daakhil for deficiency, since a Basic plan that promised 30-day recovery and gave you 27 is itself a breach worth contesting.

By law, 24 hours for acknowledgement and 15 days for resolution, under IT Rules 2021 Rule 3(2). In practice, Google and Microsoft acknowledge within hours, Apple within a day, Dropbox within two days. If you do not hear back within 24 hours, that silence itself is a separate violation worth citing on your e-Daakhil form.

Yes. Under the Digital Personal Data Protection Act 2023, §11, you may ask the Data Fiduciary for a summary of personal data processed and activities undertaken. In your Grievance Officer email, ask explicitly for “the exact date, time, IP address, device fingerprint and trigger of each deletion event on my account”. Workspace and OneDrive for Business admins have a real-time audit log they can already pull. Personal-tier accounts depend on the provider's discretionary cooperation, but the request is a recorded data-rights request that strengthens any later filing.

No. e-Daakhil is built for citizens to file in person. The court fee for a claim up to five lakh rupees is zero. Upload your evidence pack, draft the complaint in plain English citing Consumer Protection Act 2019 §2(11), and attach the unanswered Grievance Officer email. Most cloud-deficiency matters settle at the first or second hearing, since the provider's India counsel prefers a restoration or refund over a published order.

• Google Drive Help: Find or recover deleted files in Drive Trash: https://support.google.com/drive/answer/2375102
• Google Photos Help: Recover deleted photos and videos: https://support.google.com/photos/answer/6128858
• Apple Support: Recover deleted files and folders in iCloud Drive: https://support.apple.com/en-in/guide/icloud/mm74e8bbe035/icloud
• Apple Support: Recover photos and videos you deleted in iCloud Photos: https://support.apple.com/en-in/guide/icloud/mmc2b9d80fc4/icloud
• Microsoft Support: Restore files or folders from the OneDrive Recycle Bin: https://support.microsoft.com/office/restore-deleted-files-or-folders-in-onedrive-949ada80-0026-4db3-a953-c99083e6a84f
• Dropbox Help Centre: Recover or restore deleted files and folders: https://help.dropbox.com/delete-restore/restore-deleted-files
• Information Technology Act 2000, §43 and §66: https://www.indiacode.nic.in/handle/123456789/1999
• Bharatiya Nyaya Sanhita 2023, §318: https://www.indiacode.nic.in/handle/123456789/20062
• Consumer Protection Act 2019, §2(11): https://www.indiacode.nic.in/handle/123456789/15512
• Digital Personal Data Protection Act 2023, §11: https://www.meity.gov.in/writereaddata/files/Digital%20Personal%20Data%20Protection%20Act%202023.pdf
• Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021, Rule 3(2): https://www.meity.gov.in/data-protection-framework
• National Consumer Helpline: https://consumerhelpline.gov.in (call 1915)
• e-Daakhil consumer-commission filing portal: https://edaakhil.nic.in
• National Cyber Crime Reporting Portal: https://cybercrime.gov.in (call 1930)
• Reserve Bank of India circular on chargeback timelines (Visa, Mastercard, RuPay): https://www.rbi.org.in

• Account Locked by Google, Apple, Meta or Microsoft: India recovery guide
• DigiLocker issuer reality check 2026
• NCH 1915 consumer helpline walkthrough
• e-Daakhil online consumer-commission filing
• 1930 helpline cyber-fraud script
• Cyber-fraud chargeback (Visa, Mastercard, RuPay)
• Citizen RTI playbook
• Middle-class traps index