You would think when you do a "factory reset" and agree to erase everything on your Android device that all of your data would be wiped out for good. But you'd be wrong.

As many researchers have discovered, data can be recovered with the right tools even after a factory reset has been performed. That's because when you delete something, the file itself isn't actually overwritten — the system just throws away all the info on the file, essentially tossing it in with whatever free space you have. Recoverable data can be a real privacy problem if you ever plan on selling or donate your Android phone.

There are, however, a few ways to ensure your data is really erased forever.

Encrypt your phone

Encrypting your Android device is the strongest way to prevent its data from being recovered. By encrypting your device, you are essentially scrambling all the data and locking it away with a special key. Once encrypted, the data can't be decrypted without entering a passcode.

Most devices running Android 6.0 Marshmallow are required (except maybe some low-end devices) by Google to have mandatory encryption for maximum security.

If your device is running Android 5.0 Lollipop or lower (and supports encryption), it's highly recommended you turn on encryption (Settings > Security > Encrypt phone) to scramble its data before doing a factory reset. (The setting location may vary on different devices.)

Essentially, by doing this, you'll be erasing scrambled data which is virtually unrecoverable.

Overwrite it with throwaway data

So now that you've encrypted your data, factory reset it and erased everything, let's go even further and make sure the new destroyed encrypted data is even more jarbled and worthless by overwriting with new junk data.

Go ahead and set up your device again, but this time don't sign into any Google accounts or anything. Once your device is set up as new, go ahead and start recording a video for as long as you can, at the highest resolution. Repeat as much as you need to fill up all the space.

Then do another factory reset.

Repeat

If you're paranoid, you can follow the above tips and perform them several times until you feel confident the data is scrambled enough and overwritten with new throwaway data that even if someone was able to recover the data, they wouldn't get anything useful. But if you want to keep it simple, a single encrypt-and-reset will do the trick for most.

Have something to add to this story? Share it in the comments.