How reliable is Data Recovery on Android after several Factory Resets?

You need to end the relationship with him.
Simple solution.

 

To deal with the question in the title of this thread, recovering data from Android after a reset is a waste of time. Unless you have a very old phone your storage is encrypted, and a reset will erase the encryption key. Hence actually recovering data from the device rather than from a backup isn't really an option unless you have very serious resources (and I'm talking national intelligence services resources, not tools downloaded off the web).

"Recovery Data" doesn't mean anything to me, and I've been using Android for almost 11 years now and used to modify the system software of all of my phones. It's just too vague a term. All android phones have a recovery module, but the one that comes with the phone is very limited and wouldn't give access to anything (it can basically erase the phone or install official updates and that's it). Otherwise it might be the name of some app, or a term he's made up himself. Impossible to say.

The best protections are PIN/password which you don't share with him and check that USB debugging is off in your settings (ADB won't work unless that is active). You may have to activate the Developer Options menu to check that - you can deactivate it again afterwards. To get into Developer Options go into Settings, scroll down to the About Phone section, somewhere in there you'll find "Build Number" (may have to go down into software information, depends on Android version), tap on that repeatedly until it tells you you are now a developer. After that you will have a new Developer Options menu, either in the main menu or in System settings, or System > Advanced (this stuff does vary with version). As well as turning off USB debugging (if it's on) you can "revoke USB debugging authorisations" which means that any computer it's been used with previously will need to be authorised again, which again requires the phone be unlocked.

And that's why keeping your PIN/password private and removing his fingerprints if they've been set up are important: if he can actually get into the phone he can undo any precautions you might take. Of course if you give in to his "demands" for access, which will include unlocking the device, then it's going to be impossible to stop him messing around. There's no technical fix for that, I'm afraid.

While we are at it, don't allow him access to your Google account (don't tell him your password, don't allow your login to be stored on a device that he also has access to, use 2-factor authentication). If he has access to your Google account and you have the levels of activity tracking enabled that Google prefer/encourage/enable automatically if you turn certain services on even briefly, then he can view pretty much everything you do on the phone without touching it.

I don't normally give relationship advice, since I don't know the circumstances, but talk of demanding access to your devices and controlling who you can talk to (whether you are actually talking to them or not) are things that make me uncomfortable, since these are often signs of controlling behaviour. Apologies if I'm speaking out of turn, which I actually hope I am doing here, just felt I had to raise the possibility in case.

 

First, change your Google account password to something strong (20 characters or more) This can be a phrase like - I_Love_25_Easter_Bunnies Which is easy to remember. Don't use this, it's just an example.
Then, factory reset your phone and sign in with your new google password and enable 2 factor authentication.

Now, on your computer, run a thorough virus/malware scan, let it remove anything it doesn't like.

Next, change all your other passwords and enable 2 factor authentication where possible, using your phone to receive the texts with codes.

Now, the most important part. DO NOT let anyone else have access to your phone.

It might be a good idea to change your number as well.