But surely, according to the DPA, the data does indeed belong to the people and they, the people, are simply allowing the instition(s) in question to store it at the datacentre/data centre/centre of data and use it only for specific purposes.
Our datacentre holds personal information for millions of people
That’s not necessarily correct either, unless the people have asked the institutions to hold the data, i.e. the holding of the data by the institution is a service in itself. In most cases, the institutions have asked the people if their data can be held.