When storing a user's data, there's a way you can ensure near total privacy: Encrypting their data and giving the user the only key to decrypt it.
This solves a lot of problems. They don't have to worry about you looking through their data or selling it to anyone else. They don't have to worry about your service getting hacked, as the data is worthless without the key. And as a result, you can use cheap commodity storage, like S3 or something.
However, if the user loses the key, then they lose the data forever. This is why no one does this. But it's good to keep this approach in mind, just in case some use case comes along in which this price is worth paying.