diff --git a/Dockerfile b/Dockerfile
index 5507333..6b98d93 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,5 @@
 ARG PYTHON="python:3.10-alpine3.18"
+ARG RUNAS="root"
 
 FROM ${PYTHON} AS builder
 ENV SYNCPLAY="1.7.4"
@@ -18,10 +19,20 @@ RUN mkdir $(basename /usr/local/lib/python3.*/) && cd ./python3.*/ && \
     ls /wheels/*.whl | xargs -P0 -n1 unzip -d ./site-packages/
 COPY ./boot.py /release/bin/syncplay
 
-FROM ${PYTHON}
+FROM ${PYTHON} AS root
 RUN sh -c '[ $(getconf LONG_BIT) -eq 64 ] || apk add --no-cache libgcc'
 COPY --from=syncplay /release/ /usr/
 ENV PYTHONUNBUFFERED=1
 EXPOSE 8999
 WORKDIR /data/
+
+FROM root AS user
+ARG USER_UID=800
+ARG USER_GID=800
+RUN addgroup -g "${USER_GID}" -S syncplay && \
+    adduser -u "${USER_UID}" -S syncplay -G syncplay && \
+    chown -R syncplay:syncplay /data
+USER syncplay
+
+FROM ${RUNAS}
 ENTRYPOINT ["syncplay"]