Review this policy now to determine sahibi of your bilgilerini and how saklanması occurs across deeplin services.

We collect only what is necessary to provide translations and related features. Your text submissions, language settings, and device data (cihazla) are processed on secure servers with strict access controls. We apply AES-256 encryption at rest and TLS 1.3 in transit, with sürekli monitoring and regular third-party assessments to prevent unauthorized access. This approach protects data as it travels along the road between users and our data centers.

You are the sahibi of your data and can request access, corrections, export, or deletion. The sayfa explains exact steps, required identifiers, and expected timelines. We disclose data sharing with subprocessors only for defined amaçlı purposes and under safeguards, and you can opt out of non-essential processing for specific features. We kullanırız privacy-preserving methods wherever possible to minimize exposure.

We conduct ongoing araştırma to improve privacy protections, and you can opt out of data use for research via the sayfa.

When you sign in on a cihazla, certain identifiers may be transmitted to improve reliability, but we minimize this data. If you provide an adını (name) in your profile, we store it only with your consent and you can delete or edit it at any time. Data fields (alan) are treated with strict minimization and can be removed on request.

rağmen, you retain control over data used for training. The default is to improve quality, but you can disable training for your texts via the account page or by contacting support. Amaçlı processing remains aligned with your selections and policy terms.

For retention and deletion details, visit the sayfa. We outline saklanması durations, deletion procedures, and how to exercise your rights. If you need help, contact support or use the sayfa's self-service options to submit requests.

Once you review, you will see that ownership (olduğunu) is clarified, sonra you can exercise rights via the sayfa and control your data across deeplin.

These sections belirmek how your rights are enforced and how the data remains under your control.

What data DeepL Pro collects from you and how it’s used in practice

DeepL Pro collects account information (email, organization name, and payment method) to activate your subscription and handle billing. It also collects usage data (language pairs used, features accessed, timestamps, and translation volume) to monitor performance and plan capacity. In addition, it processes content you submit, including texts, documents, and pptx files, to generate accurate translations, build glossaries, and support translation memories in the suite. This content and its metadata are saklanmaktadır on secure servers with strict access controls.

In practice, data powers the service: it drives translations, enforces anti-abuse measures, and personalizes workflows for teams. Analyzing analizinin usage patterns guides improvements in speed and quality, while zaman-stamped logs support debugging and regulatory audits. For yerel deployments in enterprise plans, we can route processing locally to reduce data movement and give you greater kontrol over içerikler. Data is retained only as long as needed to provide the service and meet legal obligations.

We do not sell personal data. We share only aggregated or non-identifiable analytics with trusted providers under yasal obligations. For enterprise admins (işverenin), access to adreslerinin and other identifiers is limited to roles that require it, and is governed by your policies. You can choose to paylaşabiliriz your outputs to destinations like instagram or other platforms, but only with your explicit consent. When you share içerikler, we provide clear controls and logs so you can review what has been shared and revoke access at any time.

You control your data. You can download a copy of your data, including translations, in a portable format, and you can export content to pptx. You can request deletion of your account or data, and we will honor deletion requests within the timelines defined by law and policy. We also offer privacy settings to limit data collection and analytics, and to customize retention periods. We respond to data-access requests quickly, and we keep you informed about processing status and any changes in policy.

Security remains central: we apply encryption in transit and at rest, implement strict access controls, and conduct regular audits. Data is isolated by account and stored with protective measures; for higher control, enterprise customers can enable local processing, ensuring yerel compliance and reducing exposure of içerikler. We maintain a robust incident response process and notify you per yasal requirements if a breach occurs.

To maximize value while protecting privacy, review sharing settings, enable two-factor authentication, and use the usage dashboards. If you work with a team, seninle we can assign roles so colleagues access only what they need, including employer permissions for adreslerinin management. For content you generate, you retain ownership and can decide how much to share via your workflows, including exporting to pptx or publishing results to platforms such as instagram when appropriate.

How DeepL secures your data: encryption, access controls, and breach notifications

Enable encryption by default for all data flows and tighten access to protect kanunu-compliant data. The following approaches are the așağıdaki foundation for safeguarding hizmetlerinin data and empowering consumer trust on sayfamız.

  1. Encryption

    • In transit: enforce TLS 1.3 with Perfect Forward Secrecy and certificate pinning where applicable to prevent eavesdropping on all data exchanges.
    • At rest: implement AES-256 with envelope encryption, and store keys in FIPS 140-2/140-3 validated Hardware Security Modules (HSMs).
    • Key management: rotate keys at regular intervals (for example, every 90 days), separate keys by tenant (müşterilerimizle) to reduce cross‑data risk, and log all cryptographic actions for auditability.
    • Data handling scope: block unnecessary processing (işlenmesine) and minimize stored data to the amacı disclosed at collection, with data access logged and monitored at floor and service levels to detect anomalies quickly.

  2. Access controls

    • Access model: apply RBAC with least privilege, MFA, and Single Sign-On (SSO) for all teams; use Just‑In‑Time (JIT) access for sensitive operations.
    • Monitoring and reviews: enforce automated revocation on role changes, conduct quarterly access reviews, and maintain tamper‑evident audit trails for all privileged actions.
    • Separation of duties: restrict who can modify security policies, manage keys, or access production data; require dual approval (biri) for critical changes.
    • Vendor and contractor controls: extend the same controls to attachments and contractors; revoke access immediately when engagements end.

  3. Breach notifications

    • Detection and containment: maintain an ongoing security operations program that detects abnormal activity within minutes and initiates containment within hours.
    • Response and reporting: follow defined runbooks and provide root‑cause analysis after containment; notify customers via secure channels (sayfamız portal) and, when required by konusuna law, regulators within the applicable timelines.
    • Communication cadence: share timely updates to customers and address questions from the tüketici community; provide remediation steps and a post‑incident review to prevent recurrence.
    • Transparency: document lessons learned and update controls to strengthen the overall security floor; never reveal sensitive details about individuals in public channels.

Aşağıdaki nota ile ilgili olarak, kanunu çerçevesinde gerçekleştirilen işlenmesine ilişkin hassas konular konusunda açık iletişim sürdürülür. We respect sahibi rights, and we support tü ke tic i rights across tüm hizmetler. The adreslerin korunması ve seminerlerini gibi etkinliklerden elde edilen bilgiler hiçbir şekilde satış (satış) veya destek (destek) amaçlı olarak kullanılmaz; maddesi 4 ve ilgili maddeler doğrultusunda işlenir. Eğer kullanıyorsan (kullanıyorsan) DeepL hizmetlerini şirketine dair verilerin çıkarılması veya aktarılması konusunu kontrol etmek ister, sayfamızdaki maddeler ve freenin (freenin) koşulları ile uyumlu şekilde hareket ederiz. We do not perform düzenleme or data changes etmeden kullanıcı onayı gerektiğinde; konusundaki politikalar müşterilerin birinci sınıf güvenini sağlar. adreslerinin güvenliği, müşt erilerimizin güvenliğini destekler ve naver gibi üçüncü taraf platformlarıyla gereksiz veri paylaşımını önler.

How to exercise your rights: data access, correction, deletion, and portability

Submit a data access request by emailing [email protected] or using our privacy portal. Include your full name, the email on file, and your numaralı account to verify identity. If possible (mümkünse), specify the data categories you want to access–kullanıcı data, kullanım history, and medya you uploaded. We provide a structured export that covers profile details, activity, and content, delivered in machine-readable formats such as JSON or CSV. If you prefer, join our online semineri to review the data scope. For in-person guidance, we can arrange a ziyareti at a local support center; we verify identity and respond within the stated timeframe, keeping you informed through your preferred contact method. If you want to access data tied to sosyal or other connected services, add those references in your request to ensure a complete output.

To correct information, submit a correction request with the exact fields to update and any supporting documents. State the doğru values you expect and the data types involved–kullanıcı, kullanım, medya, and ürünlerini. We review the request in the kullanıcı kısmında and apply changes across the relevant systems, then confirm the updates by email. If the correction touches texts (metinler) or media already shared, we update those items accordingly and reflect the changes in your next login or report output.

To delete data, submit a deletion request with a clear scope (for example, profile data, messages, media, and usage logs). We perform imha of data not required to fulfill our purposes or to meet legal obligations, and remove it from active systems. Backups are handled per policy, and we notify you about any data that must remain due to law. You can initiate this from the kullanıcı kısmında privacy settings or by contacting support, and we will provide a confirmation once deletion is complete. If retention applies, we explain what stays and for how long, so you understand what is imha and what remains.

For portability, request a portable copy of your data in machine-readable formats (JSON, CSV). The export includes data you provided (kullanıcı, ürünlerini) and your activity (kullanım) plus media (medya), to the extent allowed. If you specify a transfer endpoint, we move the data securely to the requested service. We typically complete portability requests within 30 days; if more time is needed, we notify you. This option supports araştırma and audits, and it ensures you can reuse your data elsewhere (bunla uyumlu) while respecting ülkeyi rules and cross-border transfer requirements. If you need frequent access to updated data, you can use the secure API as an ongoing alternative.

Data retention and transparency: how long data is kept and how notices are delivered

Set explicit retention windows and automate deletion or anonymization when they are no longer needed. Personal data is kept only as long as necessary to fulfill the purposes described in this policy, with category-specific timeframes; for active accounts, isim, contact details, and activity logs are retained during the term, and after closure these records are deleted or imha within 30 days, with backups protected to minimize exposure and preserve service quality.

We separate data by purpose: deneme and katılım datasets stay isolated, metinlerin used for testing are kept in a non-production environment and aktarılmaz from production streams; bunların access is limited to yetkili teams and is never shared with third parties without explicit consent. The retention schedule for non-production data aims to safeguard bireysel privacy while supporting continuous service improvement and kalitesini of the hizmetini.

Notices about retention changes are delivered clearly through the sitede and direct channels. We post a concise summary on the site and email a detailed update to the registered isim; customers can also download the full explanation as a docx for konuda review, maksadıyla ensuring you have a local record. We maintain a transparent timeline for when changes take effect and how long the updates remain in effect on the sitede.

Requests to view, export, or delete data (başvuruları) are handled by a yetkili team or vekil acting on your behalf with proper authorization. We verify your identity and respond within 30 days; records can be delivered as docx or other portable formats, and imha is completed within the defined window once approvals are in place. These steps help maintain verifiability and protect the kalitesini of the service while respecting your bireysel preferences and right to information.

Operationally, we ensure data handled under these policies is not retained beyond the maddesinin scope and is erased from active systems when required. Backups undergo the same purges where feasible, and verifiable logs document each işlem–vermen optional confirmations are available in docx form for customers and partners. If you have questions on konuda, consult the support team and refer to the latest sitede notices to confirm how imha and deletion workflows are executed. Yapma of unnecessary data retention remains a core practice to uphold the güvenli and reliable experience you expect from our hizmetini.

Step-by-step: signing up for DeepL Pro and configuring privacy settings

Sign up for DeepL Pro today to enable enhanced privacy controls and keep your data secure across sessions.

Go to deepl.com/pro, click Sign up, and choose a Pro plan that fits your usage. Complete the ödeme with a valid method and confirm your email to activate the hesabın access.

In the sonraki screen, review çerezler and choose privacy options. Select a mode that limits data collection to what is strictly necessary, then open the suite to tailor what data saklanacak and how işlemeyi will be performed for your account.

Privacy controls and data flow

The privacy controls show which data types are aktarılan, where they are processed, and how long they stay saklanacak. Use the kullanılır rules to limit processing to what is strictly necessary, and review how çalışması operates to protect user data. The sitesinin settings apply across DeepL Pro, and geçerlidir for cross-border aktarılan information. Official guidance is bulunmaktadır in the help center, with dragonara references and some naver summaries offering additional context for teams.

Review, confirm, and maintain your settings

Save your choices and export a yazılı copy of the configuration for your records. Return to the privacy suite whenever requirements change, then tekrar update your preferences to keep data handling aligned with policy. If you manage multiple users, assign roles to control who can modify hesabın details and the adresine notifications. All changes remain detallı and accessible, and the privacy settings stay koruması of kullanıcıya data throughout the life of the hesaba.