"The Solution: Encrypt Then Wipe
The iOS operating system on Apple iPhones and iPads has to deal with a similar problem. To ensure a user’s data can be quickly and completely wiped when the device is factory reset, it has a trick up its sleeve. All data on the device is encrypted by default using the hardware encryption feature. When you choose to set up encryption, the device is protected with your own encryption key. Even if you never set up encryption, the files are stored on the device in encrypted form so any bits of deleted files appear as random gibberish on the device’s storage after it’s reset. The data can’t be recovered.
Android won’t automatically do this for you, but you can do it for yourself. To do this, just encrypt your device’s storage before you perform a factory reset. Open the Settings app, tap Security, and tap Encrypt phone or Encrypt tablet to encrypt your device. This will take an hour or more, depending on how much data your device has on it. Afterwards, open the Settings app, tap Backup & reset, and tap Factory data reset to wipe the device normally. The device will be wiped. Any bits of leftover files will be encrypted, so they’ll appear as random gibberish and their data can’t be recovered.
If your device’s storage is already encrypted, you can just factory reset it...
This is a problem with Android, but it can be easily bypassed by encrypting your device’s storage before wiping it. Google will hopefully fix the problem in the future by making Android’s factory reset feature more comprehensive.
Until then, just remember: encrypt and then reset."