diff --git a/skeleton/docker-entrypoint.sh b/skeleton/docker-entrypoint.sh
index 96bf50b..927ca87 100755
--- a/skeleton/docker-entrypoint.sh
+++ b/skeleton/docker-entrypoint.sh
@@ -16,7 +16,11 @@ USER="$(id -u)"
 # Create directories to be used by Plone
 mkdir -p /data/filestorage /data/blobstorage /data/cache /data/log $CLIENT_HOME
 if [ "$USER" = '0' ]; then
- find /data -not -user plone -exec chown plone:plone {} \+
+ # Check ownership, OR check if we are explicitly forcing a fix
+ if [ "$(stat -c '%U' /data)" != "plone" ] || [ "$FORCE_CHOWN" = "1" ]; then
+ echo "Running chown to fix ownership of the data directory"
+ find /data -not -user plone -exec chown plone:plone {} \+
+ fi
 sudo="gosu plone"
 else
 sudo=""
diff --git a/test/config.sh b/test/config.sh
index 5f21f3c..c2365ee 100644
--- a/test/config.sh
+++ b/test/config.sh
@@ -16,6 +16,7 @@ plone-listenport
 plone-zeoclient
 plone-relstorage
 plone-shared-blob-dir
+plone-basics-chown
 '
 imageTests+=(
diff --git a/test/tests/plone-basics-chown/expected-std-out.txt b/test/tests/plone-basics-chown/expected-std-out.txt
new file mode 100644
index 0000000..32b6091
--- /dev/null
+++ b/test/tests/plone-basics-chown/expected-std-out.txt
@@ -0,0 +1,5 @@
+--- Case 1: Automatic fix ---
+Running chown to fix ownership of the data directory
+--- Case 2: Forced fix ---
+Running chown to fix ownership of the data directory
+--- Case 3: No fix ---
diff --git a/test/tests/plone-basics-chown/run.sh b/test/tests/plone-basics-chown/run.sh
new file mode 100755
index 0000000..4f6c0f3
--- /dev/null
+++ b/test/tests/plone-basics-chown/run.sh
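Review bot: The new guard in skeleton/docker-entrypoint.sh inspects only the owner of `/data` itself, yet the `mkdir -p` two lines above it runs as root and can create `/data/filestorage`, `/data/blobstorage`, `/data/cache` and `/data/log` root-owned inside a volume whose top directory already belongs to plone; the chown is then skipped and the `gosu plone` process presumably cannot write to them. Testing the first level as well closes that gap while keeping the fast path: `if [ -n "$(find /data -maxdepth 1 -not -user plone -print -quit)" ] || [ "${FORCE_CHOWN:-}" = "1" ]; then` (`$CLIENT_HOME` may need its own check if it sits deeper). Because this chown runs as root over a volume the unprivileged user can write to, `chown -h plone:plone` would keep it from following a symlink placed there to a file outside `/data`. A comment stating that nested root-owned files are left alone unless `FORCE_CHOWN=1` is set would document the trade-off; the enclosing `if [ "$USER" = '0' ]` block ends outside the hunk.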
@@ -0,0 +1,29 @@
+#!/bin/bash
+set -eo pipefail
+
+image="$1"
+
+# Case 1: /data owned by root. Should fix it automatically.
+echo "--- Case 1: Automatic fix ---"
+cname1="plone-chown-auto-$RANDOM"
+docker run --name "$cname1" -v /data busybox sh -c "chown root:root /data && touch /data/auto"
+docker run --rm --volumes-from "$cname1" "$image" true
+docker run --rm --volumes-from "$cname1" busybox stat -c "%u:%g" /data/auto | grep -q "500:500"
+docker rm -v "$cname1" > /dev/null
+
+# Case 2: /data owned by plone, but FORCE_CHOWN=1. Should fix it manually.
+echo "--- Case 2: Forced fix ---"
+cname2="plone-chown-force-$RANDOM"
+docker run --name "$cname2" -v /data busybox sh -c "chown 500:500 /data && touch /data/forced && chown root:root /data/forced"
+docker run --rm --volumes-from "$cname2" -e FORCE_CHOWN="1" "$image" true
+docker run --rm --volumes-from "$cname2" busybox stat -c "%u:%g" /data/forced | grep -q "500:500"
+docker rm -v "$cname2" > /dev/null
+
+# Case 3: /data owned by plone, no FORCE_CHOWN. Should NOT fix (no message).
+echo "--- Case 3: No fix ---"
+cname3="plone-chown-none-$RANDOM"
+docker run --name "$cname3" -v /data busybox sh -c "chown 500:500 /data && touch /data/no-fix && chown root:root /data/no-fix"
+docker run --rm --volumes-from "$cname3" "$image" true
+# Should still be root:root (0:0)
+docker run --rm --volumes-from "$cname3" busybox stat -c "%u:%g" /data/no-fix | grep -q "0:0"
+docker rm -v "$cname3" > /dev/null
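Review bot: A failing assertion leaves the helper container and its anonymous volume behind, because `set -e` aborts the script before the `docker rm -v` at the end of each case is reached; registering the cleanup once near the top, e.g. `trap 'docker rm -vf "$cname1" "$cname2" "$cname3" >/dev/null 2>&1 || true' EXIT`, covers every exit path. The `grep -q "500:500"` and `grep -q "0:0"` checks match substrings (an owner of `10:0` would satisfy the last one), so `grep -qx` would pin the exact `uid:gid`. Case 3 asserts only that `/data/no-fix` stays root-owned; it does not check that the directories the entrypoint creates under `/data` are writable by uid 500 when the chown is skipped, which is the path where the new skip matters.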