I'm going to review my backup strategy these holidays, and look at how much downtime my services would incur if Hetzner shuts me down.

The reality that they have this power, and that they'd delete data irretrievably, scares me.

Last year I had a misconfigured port on a Docker service, and someone was able to exploit it and run a port scanner. It was during a period that I was away from home, so if I hadn't seen their service abuse emails in time, I could have returned home after a few days to find all my data wiped out (or uptime monitors complaining).