Raccomandazione: Tighten your data controls today: review cookies, disable non-essential data sharing, and limit what DeepL may Übertragen to andere parties. This reduces öffentlich exposure and keeps your information safer.

Our DeepL Privacy Policy Explained guide delivers concrete steps: it clarifies exactly what data is collected, how it is used, and what rights you have. It covers data categories such as input text, analyseereignisse, usage data, and cookies, and explains how device information is processed. The guide also shows practical controls you can enable to keep data private, unabhängig of others (unabhängig) and with a clear path for the user (selbst).

Key controls you will learn to apply include limiting what is Übertragen to andere parties, reducing reliance on cloud services where possible, and understanding how signals like cloudflare-bot-score affect risk. We highlight how derer security measures protect sicher transmissions and how to set retention levels that meet your needs without over-collecting. Below (unten) you will find exact steps to minimize data collection and to exercise your rights with confidence (dafür).

Practical actions for teams: adjust settings to keep kontrol of cookies, enable data minimization, and document who has access to benutzers and what data they can view (unabhängig from other teams). Prepare a clear, customer-friendly data map that shows what is collected, where it is stored, and who may access it (selbst and andere).

Upgrade option: our Pro Edition, created with townsend privacy experts, provides a ready-to-use explainer for your customers, plus templates, a rights-request playbook, and an executive summary you can share with benutzers. It helps you present data practices transparently and respond quickly to requests, while keeping your policies compliant and easy to audit.

What data DeepL collects across the 11 apps (categories, sources, and examples)

Configure privacy controls now to limit what is collected across the 11 apps and to control weiterverarbeitung of your data.

Categories and data types

Across the 11 apps, DeepL collects input content (texts you enter for translation), including besonderen texten, and may enthalten identifizierbar information when present. Metadata covers timestamps, language pairs, Bezug to projects, and vertraglich referenced contract details. Usage data records which features you nutzen, session length, and inaktivität signals. Technical data includes IP address, device type, operating system, app version, and browser identifiers. Cookies and similar technologies support session management and preferences, while speicherung tracks where data resides and for how long it stays in storage. Data is handled securely (sicher) and stored in a way that can be rechtfertigen purposes such as service improvements, while respecting your recht and ihrer preferences. Data may be linked to your unternehmen and be accessible to the team for legitimate business needs, including bearbeiten and texten workflows that stafeln andere inputs while protecting identifizierbar information where possible.

Inaktivität signals help Schließt idle sessions and reduce unnecessary processing, and jeder request to verbindet data with Bezug to a specific contract or recht of the user. Data retained for begrenzte periods supports wiederkehrende features and improves translation quality, while actively avoiding sharing information with anderen parties unless expressly allowed or required by law.

Sources and examples

Primary sources are user-provided content (ihrer texts) introduced into the apps, including documents and texten that may contain personenbezogene data. Automated telemetry from the apps, logs, and error reports also contribute data for weiterverarbeitung to diagnose issues and train models. Cookies and local storage capture preferences, login state, and cookies-based identifiers to enhance user experience. Third-party data may appear only under vertraglich approved conditions with corporate accounts (unternehmen), and is always tied to Bezuг et al. relevant to your contract (bezug). Data in transit and at rest undergo access controls so that only appropriate team members can bearbeiten or finden the information they need. In practice, you will see data enthalen in dashboards that show usage patterns and translation outcomes, while sensitive elements remain protected and schließt off from public view (veröffentlichen) unless you expressly authorize disclosure.

How DeepL uses collected data to operate services, secure accounts, and improve results

We use collected data to operate DeepL services, secure accounts, and improve results. This approach prioritizes performance, reliability, and user control, with clear options to adjust settings such as Übersetzungseinstellungen. Below is how it works in practice, with concrete examples and steps you can review on the page unten.

  1. Operate services and protect availability

    • We process request data, usage patterns, and system metrics to route translations, balance load, and recover quickly from faults. These metrics are gespeichert on encrypted storage and transmitted via secure Übertragung to the right services.
    • Access controls rely on zugreifen rules that prevent unauthorized data access. Operators follow klare Anweisungen, and automated checks help ermitteln suspicious activity before it affects your experience.
    • We timestamp events with zeit and uhrzeit to measure latency, track reliability, and correlate incidents. Data shown in the below sections helps teams identify and fix issues without exposing content you entered.
    • Fields such as adresse and namen are used only when required for a feature (for example, account setup or personalized settings) and are protected by strict access controls. Daten werden nur dann genutzt, wenn notwendig, und dauerhaft speichern wir sie nur gemäß Richtlinien.

  2. Sustain account safety and trusted access

    • We monitor login activity to zugreifen on anomalies, block risky attempts, and prompt users for verification if needed. This helps prevent unauthorized access and keeps your sessions secure.
    • Device and session signals are evaluated to determine whether a request comes from a trusted source. If anything appears unusual, we provide immediate Anweisungen to help you protect your account.
    • We support you in managing Übersetzungseinstellungen so that preferences stay aligned with your security choices and privacy expectations.
    • Unbedingt clear feedback is provided if a security event occurs, and you can review status changes on the page unten and in notifications.

  3. Improve results while respecting privacy

    • We use anonymized and aggregated data to refine translation quality, shorten turnaround times, and reduce errors. These improvements rely on überwachung der performance and aggregated outcomes, not raw content stored permanently.
    • Umfrageergebnisse from voluntary surveys help us understand user needs and adjust features. Daten from these surveys are gespeichert in aggregate form and not tied to individual content unless you opt in.
    • Übersetzungseinstellungen influence how samples are used to optimize models, and you can stützen or limit certain data processing in your account settings.
    • In the design of features, we consider andere inputs (such as usage context) only to the minimum necessary level, and we limit exposure of sensitive fields. Data Übertragung is encrypted, and seite sections that show results reflect this protection.

For quick reference, these data touchpoints appear across controls and documentation: weisen, dies, zugreifen, unbedingt, adresse, zeit, aufgeführten, gerne, dabei, veranstaltungen, anweisungen, ermitteln, neben, schließt, unten, namen, dauerhaft, dafür, umfrageergebnisse, gespeichert, andere, müssen, dass, uhrzeit, Übersetzungseinstellungen, stützen, Übertragung, seite.

Your privacy rights under the policy and how to exercise them (access, deletion, portability, objections)

Submit your request via the kontaktformular to access your data under the policy. We respond within 30 days with a concrete listing of the erhobenen items, including your iHerer data and nutzungsverhalten logs stored when interacting with our gmbh services.

Access and scope: You can obtain a copy of all data relating to you (ihrer personenbezogenen Daten) that we hold, including aktiv signatures, profile details, communications, and records about your nutzungsverhalten. We also disclose any data tied to beim employer or arbeitsverhältnis if processed in that context. Files are provided in a structured, machine-readable format to ensure easy abrufbar access.

Deletion: You may request gelöscht removal of data not required for contract (vertrags) or for compliance with aufbewahrungsfristen. We assess exemptions tied to geltenden gesetzes, tax or employment requirements and notify you if we must retain specific records. If a data item is part of a laufender Auftragsverarbeitungsvertrags, we coordinate deletion with the processor and confirm once completed. Requests without a legal or contractual basis are executed promptly.

Portability: You may export your erhobenen data in a structured, commonly used format suitable for transfer to another service. We ensure the abrufbar bundle includes core identifiers, settings, and usage logs. If your Anfrage involves translations, we offer übersetzungen upon request and provide näherer details in the accompanying data packet.

Objections and processing limits: You may raise objections to specific processing activities, such as direct marketing or processing based on legitimate interests. Include your anliegen in the kontaktformular and specify the scope of objection. We will review promptly, suspend or adjust processing where necessary, and inform you of the outcome, including any impact on data you may still access under other rights.

Data handling and rights management: When handling your requests, we operate under an auftragsverarbeitungsvertrags with service providers and ensure that geltenden Datenschutzbestimmungen apply. If you need additional support, provide näherer Informationen via contact and we will guide you through step-by-step actions compatible with your gmbh status and arbeitgeber policies.

RightWhat it meansHow to exercise
Access Obtain a complete copy of erhobenen data related to you, including persönlicherdaten and nutzungsverhalten logs, stored by the gmbh. Submit a request via the kontaktformular with clear identifiers and a description of the data you need. We reply within 30 days and provide a downloadable file (abrufbar).
Deletion Request removal of data not required for contracts (vertrags) or legal retention. Data may be retained if aufbewahrungsfristen or Auftragsverarbeitungsvertrags obligations apply. Use the kontaktformular to specify which records to delete. We confirm once gelöscht and outline any retained items due to geltenden rules.
Portability Export your data in a structured, machine-readable format to transfer to another provider. Includes core identifiers and usage data. Submit portability request through the kontaktformular, noting the desired format. We deliver an abrufbar package and offer übersetzungen if needed.
Objections Pause or limit processing based on legitimate interests or direct purposes. We reassess the necessity of the processing activity. File an anliegen in the kontaktformular with the specific processing you object to. We respond with a decision and any resulting changes to processing.

Practical privacy controls: per-app settings to review and enable

Start with a baseline: disable nonessential data collection across every app and enable only telemetry necessary for baseline functionality. Validate what is collected during a typical session and adjust privacy controls accordingly to reduce exposure.

Per-app review: data categories and sharing

Review data categories per app: submission fields, activity logs, and survey results. In survey tools, disable collecting extra personal details unless a clear purpose exists. In support portals, keep forms lean and avoid collecting sensitive identifiers unless required by a data processing agreement. Use a standard field set and avoid adding fields that trigger more data collection. Check integrations with external services and ensure data is not transmitted without explicit consent. Document the data usage rationale and the expected data flows. If data moves to external regions, confirm the handling terms and apply privacy controls as needed.

Enable controls and retention: per-app toggles and data minimization

Enable per-app toggles to limit data sharing and set a defined retention window for survey results; delete or anonymize old data after completion. Keep submission fields minimal; remove any fields not essential to the service. Apply licensing controls to limit third-party integrations and keep only trusted connections. Ensure access is restricted to roles that truly require it, and track who has accessed data. Avoid automatic export to external services; review each connection and remove those that are not needed. For processing in regulated regions, verify that requirements are met and document the decisions for future audits. Maintain a straightforward log of decisions and the context for stakeholders.

Retention, security measures, and third-party sharing across the DeepL app family

Recommendation: set a strict aufbewahrung window across all DeepL apps and enable automatisch deletion after defined periods. Limit inhalten storage to the minimum necessary to deliver the service, so your data footprint stays small and future exposure is reduced.

Data is organized by purposes zwecken and kept only as long as required to support features across the DeepL app family. Inhalten from translations, documents, and editor activity are retained for 30 days by default, with system logs and telemetry limited to 7 days. Aggregated insights-funktion data remains anonymized and is rotated after 12 months, unless a longer window is required by law or to diagnose a specific incident. This approach helps unabhängig audits while preserving Nutzer control through kontaktformular requests and the widerruf of consent where applicable.

Retention practices across the DeepL app family

We apply aufbewahrung principles consistently across the web app, desktop app, and mobile apps, ensuring 考虑 the angeschlossen services stay aligned. Each app stores minimale initialize data to deliver features without exposing personal Inhalte beyond what is necessary for operation. In future falle, retention policies can be adjusted per role, task type, or user preference, but always with explicit zustimmen and clear zwecken mapping. Our plans include periodic reviews to prevent excessive Speicherung, and we provide a kontakt option for moderating data requests via kontaktformular.

Security measures and third-party sharing controls

We protect data in transit with end-to-end TLS 1.3 and at rest with AES-256, plus strict access controls and regular audits. Each DeepL app family component uses independent storage boundaries to prevent cross-app leakage, and we monitor access with detailed logging to bewaert and bewertet any suspicious activity. Our cloud-based defenses include a Cloudflare-bot-score assessment to distinguish automated traffic from legitimate users, helping to block schadhaft activity before it reaches our servers. Data Übertragen to subprocessors occurs only under contract and with minimization of personally identifiable fields, ensuring Daten sharing stays within Zweck and is limited to the erforderlichen services. If a request involves coordination with moderation teams or content review, data is restricted to the minimum subset needed and retained only for necessary inspection and resolution of a falle.

Third-party sharing across the DeepL app family involves geklärt outsourcing to trusted angehören providers who support core functions such as translation memory, authentication, and analytics. These partners operate unter einer unabhängigen data-processing agreement and are constrained to kostenpflichtigen or free tiers as appropriate to service needs. We anonymize or pseudonymize data where possible, and we Übertragen only the data necessary to provide and improve features across apps. If a partner requires additional data for a feature, we obtain explicit Zustimmung (zustimmen) and document the purpose in our Datenschutzerklärung, detailing the specific zwecken for each transfer and the expected horizon of usage.

Users retain control through the kontakt option: use kontaktformular to exercise rights, request data deletion, or initiate widerruf of consent for specific verarbeiten. We provide clear instructions within the app and on our site, including a webinar that explains retention and security practices in plain terms, plus practical steps to adjust settings and review app permissions. For accuracy and transparency, any insights-funktion data used for diagnostics is described as optional and demonstrably limited to improving performance without exposing sensitive Inhalte.