diff --git a/lib/Controller/AdminController.php b/lib/Controller/AdminController.php
index 1669b704..f3071d79 100644
--- a/lib/Controller/AdminController.php
+++ b/lib/Controller/AdminController.php
@@ -1,9 +1,11 @@
 <?php
 
 /**
- * SPDX-FileCopyrightText: 2019 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-FileCopyrightText: 2019-2026 Nextcloud GmbH and Nextcloud contributors
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
+declare(strict_types=1);
+
 namespace OCA\Privacy\Controller;
 
 use OCP\AppFramework\Controller;
@@ -13,40 +15,22 @@
 use OCP\IDBConnection;
 use OCP\IRequest;
 
-/**
- * Class AdminController
- *
- * @package OCA\Privacy\Controller
- */
 class AdminController extends Controller {
 
-	/** @var IConfig */
-	private $config;
-
-	/** @var IDBConnection */
-	private $dbConnection;
-
-	/**
-	 * AdminController constructor.
-	 *
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IConfig $config
-	 * @param IDBConnection $dbConnection
-	 */
-	public function __construct(string $appName, IRequest $request,
-		IConfig $config, IDBConnection $dbConnection) {
+	public function __construct(
+		string $appName,
+		IRequest $request,
+		private IConfig $config,
+		private IDBConnection $dbConnection,
+	) {
 		parent::__construct($appName, $request);
-
-		$this->config = $config;
-		$this->dbConnection = $dbConnection;
 	}
 
 	/**
 	 * @param string $code
 	 * @return JSONResponse
 	 */
-	public function setReadableLocation(string $code):JSONResponse {
+	public function setReadableLocation(string $code): JSONResponse {
 		$this->config->setAppValue($this->appName, 'readableLocation', $code);
 		return new JSONResponse([], Http::STATUS_OK);
 	}
@@ -55,11 +39,11 @@ public function setReadableLocation(string $code):JSONResponse {
 	 * @param string $name
 	 * @return JSONResponse
 	 */
-	public function addAdditionalAdmin(string $name):JSONResponse {
+	public function addAdditionalAdmin(string $name): JSONResponse {
 		$query = $this->dbConnection->getQueryBuilder();
 		$query->insert('privacy_admins')
 			->setValue('displayname', $query->createNamedParameter($name))
-			->execute();
+			->executeStatement();
 
 		$id = $query->getLastInsertId();
 
@@ -74,11 +58,11 @@ public function addAdditionalAdmin(string $name):JSONResponse {
 	 * @param int $id
 	 * @return JSONResponse
 	 */
-	public function deleteAdditionalAdmin(int $id):JSONResponse {
+	public function deleteAdditionalAdmin(int $id): JSONResponse {
 		$query = $this->dbConnection->getQueryBuilder();
 		$query->delete('privacy_admins')
 			->where($query->expr()->eq('id', $query->createNamedParameter($id)))
-			->execute();
+			->executeStatement();
 
 		return new JSONResponse([], Http::STATUS_OK);
 	}
@@ -87,7 +71,7 @@ public function deleteAdditionalAdmin(int $id):JSONResponse {
 	 * @param string $enabled
 	 * @return JSONResponse
 	 */
-	public function setFullDiskEncryption(string $enabled):JSONResponse {
+	public function setFullDiskEncryption(string $enabled): JSONResponse {
 		$allowedValues = ['0', '1'];
 		if (!\in_array($enabled, $allowedValues, true)) {
 			return new JSONResponse([], HTTP::STATUS_NOT_ACCEPTABLE);
diff --git a/lib/Controller/PersonalController.php b/lib/Controller/PersonalController.php
index d54b1d0e..e34d98fd 100644
--- a/lib/Controller/PersonalController.php
+++ b/lib/Controller/PersonalController.php
@@ -1,9 +1,11 @@
 <?php
 
 /**
- * SPDX-FileCopyrightText: 2019 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-FileCopyrightText: 2019-2026 Nextcloud GmbH and Nextcloud contributors
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
+declare(strict_types=1);
+
 namespace OCA\Privacy\Controller;
 
 use OCP\AppFramework\Controller;
@@ -14,47 +16,23 @@
 use OCP\IGroupManager;
 use OCP\IRequest;
 
-/**
- * Class PersonalController
- *
- * @package OCA\Privacy\Controller
- */
 class PersonalController extends Controller {
-
-	/** @var IConfig */
-	private $config;
-
-	/** @var IGroupManager */
-	private $groupManager;
-
-	/** @var IDBConnection */
-	private $dbConnection;
-
-	/**
-	 * PersonalController constructor.
-	 *
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IConfig $config
-	 * @param IGroupManager $groupManager
-	 * @param IDBConnection $dbConnection
-	 */
-	public function __construct(string $appName, IRequest $request,
-		IConfig $config, IGroupManager $groupManager,
-		IDBConnection $dbConnection) {
+	public function __construct(
+		string $appName,
+		IRequest $request,
+		private IConfig $config,
+		private IGroupManager $groupManager,
+		private IDBConnection $dbConnection,
+	) {
 		parent::__construct($appName, $request);
-
-		$this->config = $config;
-		$this->groupManager = $groupManager;
-		$this->dbConnection = $dbConnection;
 	}
 
 	/**
-	 * @NoAdminRequired
+	 * Returns all admin users (internal group admins and external privacy admins).
 	 *
-	 * @return JSONResponse
+	 * @NoAdminRequired
 	 */
-	public function getAdmins():JSONResponse {
+	public function getAdmins(): JSONResponse {
 		$adminGroup = $this->groupManager->get('admin');
 
 		// Admin Group should always exist, just catch for safety's sake
@@ -79,7 +57,7 @@ public function getAdmins():JSONResponse {
 		$query = $this->dbConnection->getQueryBuilder();
 		$query->select(['id', 'displayname'])
 			->from('privacy_admins');
-		$stmt = $query->execute();
+		$stmt = $query->executeQuery();
 
 		foreach ($stmt->fetchAll(\PDO::FETCH_ASSOC) as $row) {
 			$uids[] = [