Docker Compose Shared Named Volume Permissions Denied

Question

The following docker-compose spins up containers for a Django application:

version: '3.7'

services:
  web:
    build: 
      context: .
      dockerfile: Dockerfile.prod
    container_name: web
    volumes:
      - static_volume:/static
      - media_volume:/media
...

  nginx:
    container_name: nginx
    build: ./nginx_proxy
    restart: always
    volumes:
      - static_volume:/static
      - media_volume:/media
...

volumes:
  media_volume:
  static_volume:

The web container is built using the following Dockerfile:

# pull official base image
FROM python:3.8

...

# organise permissions
RUN chown -R manager:manager /static
RUN chmod -R 755 /static

RUN chown -R manager:manager /media
RUN chmod -R 755 /media

RUN ls -la
...

When the permissions are printed as web container is being built, it returns the following:

Step 21/23 : RUN ls -la
 ---> Running in e61984edfbcb
total 1760
drwxr-xr-x   1 manager:manager    4096 Jan 25 00:00 media
drwxr-xr-x   1 manager:manager    4096 Jan 25 00:00 static

Removing intermediate container e61984edfbcb

As expected and set in the Dockerfile.

BUT when the containers are spun up (docker-compose up) and I look inside the permissions of the web container, I find the following:

docker exec -it web bash
manager@c8762586f678:/$ ls -la
total 1760
drwxrwxr-x   3 root:root       4096 Sep 22 11:12 media
drwxr-xr-x   3 manager:manager       4096 Sep 22 11:12 static

Why do the two named volumes have different permissions - specifically, why is the media volume reverted to root:root? How can I ensure that the media volume has the same permissions as the static folder inside the web container?

Thanks in advance