We’re expanding DeepL’s data infrastructure – here’s what’s changing and why

Global scale and performance require global data infrastructure. We are expanding DeepL’s data infrastructure and adding AWS as a sub-processor, to align with DeepL’s growth and deliver the performance all of our customers expect. 

We know this raises important questions about customer data, where it’s stored and how it’s controlled. This update explains what’s changing, what isn’t, and how your data remains protected when using DeepL.

What’s changing

In order to bring DeepL to more customers worldwide, this is what we’re changing:

• We will no longer process data exclusively within Europe
• We are adding AWS as a sub-processor to support global scale and performance

This ensures that DeepL delivers low-latency and real-time performance, everywhere in the world.

What doesn’t change

What absolutely does not change is the way that we protect customer data, and the control that our customers have over who can access it.

DeepL remains the data processor. We have added AWS as a sub-processor to our services providing the necessary infrastructure for global scale. AWS will not control or access customer data in any usable form. Your data is encrypted in transit and at rest, and we do not use customer data from paid services to train our AI models.

Our security features are designed to give you full control over your data. With Bring Your Own Key (BYOK) encryption, you generate and manage your own encryption keys, and you can revoke access to your data at any time. Once you remove your key, your data is completely out of reach of DeepL and any infrastructure partner we work with.

DeepL will continue to comply with all of the strict data privacy and security standards that we do today. These include the C5 Type 2 attestation from Germany’s Federal Office for Information Security, the United States Health Insurance Portability and Accountability Act (HIPAA), GDPR, ISO 27001 and SOC 2 Type 2. We are trusted to handle data for Europe and the world’s public services and most sensitive industries, and we still will be.

If customers have specific requirements for data residency, we will work with them to configure solutions that mean their data never leaves Europe.

Why we’ve made this change

This change enables real-time performance for our language solutions for every customer, everywhere in the world. It enables DeepL to operate globally, at enterprise scale.

We’ll be able to scale our data hosting infrastructure dynamically as workloads spike across time zones and markets. This means our products will be able to handle peaks in demand at busy times. It guarantees real-time performance for the new capabilities DeepL is launching, like voice-to-voice translation and integrated translation workflows for business.

Enabling greater choice for customers

We’re also able to provide options for DeepL customers in different markets to meet in-country data residency requirements, should they need to. This opens the door for all customers to take greater control of where their data is processed. AWS customers can deploy DeepL within their existing IT environment, so that data need never leave their own technology stack when using DeepL. They can also access DeepL through AWS Marketplace, enabling faster deployment.

Built in Europe, for global trust

DeepL was built in Europe with clear principles. Privacy is fundamental. Security is non-negotiable. Trust is based on control, not claims. Expanding our infrastructure doesn’t compromise these principles. It allows us to apply them globally.