The question is not "do you have control over the web server?" but rather "do you have a normal user account on the web server, and can you run a cron job from that user account?" Also: can you locate and control the permission on the directory where these files are being uploaded?

The point is that a normal user account (your personal account, which you use to create and install web resources on this server) can be permitted to delete files that are created by the "nobody" web-server account, even if the permission on the individual files is "rw-r--r--", if the permission on the DIRECTORY is "rw-rw-rw" (which is likely to be true, otherwise "nobody" would be unable to create files there!)

So, if you are able to run an ssh shell on this server, and can run "crontab -e" as a shell command, you can define a cron job that will run under your own account, and delete files that folks have marked for deletion via some other cgi script of yours.