DeepL Logo

Privacy Policy DeepL

Protecting your privacy and personal data is very important to us. We therefore only use your personal data within the scope of legal regulations, in particular the General Data Protection Regulation ("GDPR") and the German Federal Data Protection Act ("BDSG"). With this privacy policy, we would like to inform you - regardless of whether you set up a DeepL Pro account, use our various apps or visit our website - about the nature, scope and purposes of the collection, use and processing of your personal data by DeepL SE.

1. Data controller / Contact / Data Protection Officer

The data controller responsible for data processing pursuant to the GDPR, BDSG, other data protection laws applicable in the member states of the European Union, and other regulations relating to data protection is:

DeepL SE Maarweg 165 50825 Cologne Germany

If you have any questions or concerns about privacy, please contact privacy(at)deepl.com. For the conclusion of a data processing agreement pursuant to Art. 28 GDPR (see in detail section 4) and for general questions about our products, please contact sales(at)deepl.com. Further information on the data processing when contacting DeepL can be found in section 11.

DeepL's external corporate Data Protection Officer, Dr. Christian Lenz, can be contacted at the following address: dhpg IT-Services GmbH, Bunsenstr. 10a, 51647 Gummersbach, via email to datenschutz(at)dhpg.de, or by telephone on +49 2261 8195 0.

2. Scope of Data Protection

Data protection applies to personal data as defined by the GDPR, i.e. all information relating to an identified or identifiable natural person. An identifiable natural person is deemed to be a natural person who can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, an online identifier or to one or more specific attributes.

3. Texts and Translations - DeepL Translator (free version)

When using our translation service, please only enter texts that you wish to transfer to our servers. The transmission of these texts is necessary in order for us to provide the translation and offer you our service. We process your texts, the documents you upload and their translations for a limited period of time to train and improve our neural networks and translation algorithms. This also applies to corrections you make to our translation suggestions. The corrections are forwarded to our servers to check them for accuracy and, if necessary, to update the translated text according to your changes. If you use the glossary feature and enter certain pairs of terms there, this data is only stored locally and is not forwarded to our servers. Therefore, you cannot use your glossary entries in another browser or on another device.

Please note that according to its Terms and Conditions, you may not use DeepL Translator for the translation of texts containing personal data of any kind. The translation of personal data is only possible as part of a DeepL Pro subscription (please see section 4).

4. Texts and Translations - DeepL Pro

When using our DeepL Pro subscription to translate texts, the texts or documents you submit will not be permanently stored and will only be kept temporarily to the extent necessary for the production and transmission of the translation. After complete performance of the contractually agreed services all submitted texts or documents and their translations will be deleted. When using DeepL Pro, your texts will not be used to improve the quality of our services. For further information on the processing of your data within the DeepL Pro subscription, please refer to section 5 of this privacy policy and our DeepL Pro Terms and Conditions.

Please note that using DeepL Pro for the translation of texts containing personal data of any kind is only permitted if there is a justification for this under data protection law. Therefore, our T&C provide for the conclusion of a data processing agreement (see section 8.1.3 of DeepL Pro Terms and Conditions). To enter into such an agreement, please contact sales(at)deepl.com.

5. Creating a DeepL account and Signing up for a DeepL Pro Subscription

5.1. Creating a DeepL account 

You have the option of creating a DeepL account. You can use the DeepL translator via this account within the applicable DeepL Account Terms and Conditions (please see also section 3). To create the account, the following personal data will be stored:

  • E-mail address

  • Password

  • IP address

We process the email address and password on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR in order to perform the contract of use. Your IP address is processed in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR, as it is in our legitimate interests to match your IP address with IP addresses that have misused our service in the past for fraud prevention purposes.

Please note that the creation of a DeepL account is a prerequisite for signing up for and using a DeepL Pro subscription (see section 5.2), but creating a DeepL account does not oblige you to purchase a paid subscription. Even if you do not sign up for a DeepL Pro subscription after creating the account, the DeepL account remains available and you can use it. You can delete your DeepL account at any time by sending an e-mail with your request to support(at)deepl.com.

If your company uses Single Sign-On (SSO) to log in to DeepL, there is no need for a separate registration with DeepL. When you log in via Single Sign-On your company transmits your email address as well as your first and last name directly to us. We also process this data on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR.

5.2. Signing up for DeepL Pro

If, after creating a DeepL account, you sign up for a DeepL Pro subscription, additionally the following personal data will be collected and processed for the purposes of concluding and fulfilling the contract (Art. 6 para. 1 sentence 1 lit. b) GDPR):

  • First name, surname, and where applicable, company name

  • Address

  • Payment details

  • Tax numbers (where applicable)

  • Selected subscription option

  • Possibly other, additional data you provided during the registration process.

Your payment details will also be processed by us if you initially sign up for a DeepL Pro subscription with a free trial period. Despite the free trial period, the processing of your payment details is already necessary at the time of the formation of the contract within the meaning of Art. 6 para. 1 sentence 1 lit. b) GDPR, as a DeepL Pro subscription is in principle a paid subscription and we only in some cases allow our customers to test our products free of charge for the first 30 days. However, if no cancellation is made within the first 30 days, the subscription will automatically continue to be subject to payment and the method of payment specified by you will be debited at the time stated in the booking process.

In order to process payments, we forward the necessary payment data to our authorized payment service provider Stripe Payments Europe Ltd., Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland. Where necessary, Stripe will transfer the data to Stripe, Inc., located in the USA. Further information on data protection at Stripe and compliance with the requirements of Art. 44 GDPR can be found here and here. We have concluded a data processing agreement with Stripe, which allows Stripe to process the data solely in accordance with our instructions and not for its own purposes.

In addition to the aforementioned data, we process further (usage-)data relevant for the provision and billing of our service, such as subscription ID, date and time of the subscription conclusion, billing period, successful payment processing, log-ins, number of translated characters and documents, upgrades and downgrades. The processing and storage of the aforementioned data is necessary for the conclusion of the contract as well as its performance and is therefore justified according to Art. 6 para. 1 sentence 1 lit. b) GDPR. If you yourself are not a party to the contract, but DeepL Pro is provided to you, e.g. by your employer or an organization to which you belong, we justify the processing of the data mentioned in section 5.1 and the aforementioned usage data via Art. 6 para. 1 sentence 1 lit. f) GDPR, as this is necessary for the performance of the business relationship with our customers, i.e. your employer or your organization.

We store the data for the duration of the contract term and subsequently, if applicable, for the duration of statutory retention periods, insofar as these prescribe the retention for the respective types of data. We will delete your account if you wish to do so after canceling your subscription. Otherwise, we will maintain your account as DeepL account so that it is available to you in the event of a renewed subscription without you having to register again. This is in your as well as in our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR.

In your account in the section “usage”, you can also view data about your usage behavior e.g., - depending on your subscription - the number of characters translated in the past or the number of documents translated. If you have a consumption-based subscription, such as the DeepL API Pro, you can also view the monthly costs incurred. We justify this data processing via Art. 6 para. 1 sentence 1 lit. f) GDPR, insofar as it is necessary for the performance of the contract, in particular for billing purposes or for managing the number of documents still available for translation. Insofar as the processing goes beyond what is necessary for the performance of the contract, we base the processing on our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR, as we seek to meet our customers' wish to visualize information on usage behavior in a transparent manner. The graphical representation of the development of consumption over the contract period is considered to be also in the interest of our customers.

If you yourself are not a party to the DeepL Pro subscription, but access to our products is provided to you by your employer or an organization to which you belong, it is possible that we share data about your usage behavior (e.g. last login date) with your employer or organization. Such data transfer only takes place insofar as this corresponds to our legitimate interests as well as the legitimate interests of our customers in receiving information about the use of the subscriptions they have paid for and your interests do not override in the individual case.

5.3. Processing of the Submitted Texts and Translations

We process the texts you submit to DeepL Pro and their translations only temporarily, insofar as this is necessary for the creation and transmission of the translation. The processing is therefore justified by Art. 6 para. 1 sentence 1 lit. b) GDPR. Your texts and the translations will - within the framework of the contractual agreements and as stated in section 4 - not be stored permanently and will be deleted after the performance of the contractually owed service. The only exception is if you use the "save translations" feature in our apps. In this case, texts selected by you, including translations, can be saved locally on the device used and thus kept accessible at all times.

If you use our glossary feature and store certain term pairs there, this data will be forwarded to our servers and stored for your account. If you want to use the glossary function as part of our service, the data processing that takes place in this context is necessary for the performance of our contract and is therefore also justified by Art. 6 para. 1 sentence 1 lit. b) GDPR.

6. Translation of documents

6.1. Translation of .docx and .pptx Documents with DeepL Translator and DeepL Pro

You can translate documents in .docx and .pptx format both with DeepL Pro as well as with DeepL Translator. When using document translation in DeepL Translator, section 3 of this privacy policy applies. If you translate documents of the file types mentioned above while you are logged in to your DeepL Pro account, the texts you submit will only be processed temporarily and will be deleted after the completion of the translation process, including the translations themselves (see also section 4 and 5.3 of this privacy policy).

6.2. Translation of PDF documents with DeepL Translator and DeepL Pro

DeepL offers the translation of PDF documents for both DeepL Translator and DeepL Pro; in this respect, section 6.1 applies accordingly. Please note the following specifics: The actual translation of your documents will continue to be provided exclusively by DeepL and processed on our infrastructure in the EEA. In order to be able to translate PDF documents, it is necessary for technical reasons to convert the content of the PDF files into formatted text. For this purpose, we use the API of Adobe Systems Software Ireland Limited, 4-6 Riverwalk, City West Business Campus, Dublin 24, Republic of Ireland ("Adobe API"). The PDF documents are sent to the Adobe API, converted there, sent back to DeepL in the required format and translated by DeepL. The infrastructure of Adobe Inc., 345 Park Ave, San Jose, CA 95110, USA, is also used in the conversion process. To make the text translated by DeepL available to you again in PDF format, the Adobe API is used once more (this time in reverse order). Adobe stores the files received on its servers for a maximum period of 24 hours. We have concluded a data processing agreement with Adobe Systems Software Ireland Limited and therefore the transferred data may only be processed according to our instructions. To justify the data transfer to the USA, Adobe Systems Software Ireland Limited and Adobe Inc. have agreed on EU standard contractual clauses, Art. 46 para. 2 lit. c) GDPR. Further information on the handling of personal data at Adobe can be found here.

If you upload documents containing personal data for PDF translation as a DeepL Pro customer in accordance with section 4 of this privacy policy, we will process this data in accordance with your express instructions. You give us this instruction by confirming before each translation of a PDF document that you want to translate it using the Adobe API. As a DeepL Pro customer, you have the option of permanently saving the instruction in the translation settings of your account. For team accounts, the translation of PDF documents is only possible after prior authorisation by the team administrator. When using the DeepL API Pro, we cannot ask you for your instruction before each translation of a PDF document for technical reasons. You therefore give us your instruction by allowing the use of this function in your account settings prior to translating PDF documents.

You can adjust your instruction at any time in the translation settings in your account. In consequence, we will ask you again for your confirmation before each translation of a PDF document. Further explanations on how to manage your translation settings depending on the DeepL Pro subscription you have chosen can be found here. Free users who want to translate PDF documents with DeepL Translator will also find further information there.

If you choose not to translate PDF documents, your texts will still be processed exclusively within the European Economic Area.

6.3. Temporary Storage of Metadata when Translating Documents

Regardless of whether you use our paid or free service when translating documents, particularly the following data is stored for each translation process:

  • Status/progress of the translation process

  • Document file type

  • Selected language pair for translation

  • Estimates of time needed for the translation

  • References to the applied glossary (when using DeepL Pro)

  • Content of the applied glossary (when using the free translator)

  • Number of characters calculated

  • Errors that occurred during the translation process

This information is processed in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR based on our legitimate interest in improving the functionality of our products, as this makes it easier to identify any sources of error related to the translation process. The data is stored in a database that can only be accessed by selected employees and is automatically deleted after 14 days.

7. Automatic Collection of Data via Website Access

Regardless of whether you use our paid or free service, your device automatically transmits certain data for technical reasons when you access our website www.deepl.com. The following data that you may send us will be stored:

  • Date and time of access

  • Browser type and version

  • Operating system

  • URL of the website previously visited

  • Volume of data transmitted

  • Requested domain

  • Notification of successful data retrieval

  • Search term when using a web browser

  • Abbreviated/anonymized IP

  • Full IP address

  • Diagnostic information in the event of errors

Processing is carried out in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data is stored for purely technical reasons. Website access data is used for error analysis, ensuring system security, logging access to DeepL Pro and for improving our translation service. Based on your IP address, we also use geolocation to determine the region from which you are visiting our website. We use this information to check whether we can offer you the DeepL Pro service in your region, which corresponds to our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR. The storage of the full IP address for the users of the DeepL free version for a maximum period of 14 days is also justified by our legitimate interest in achieving the listed purposes, Art. 6 para. 1 sentence 1 lit. f) GDPR. The storage of IP addresses of users of the paid DeepL Pro subscription for the duration of the contract is justified by Art. 6 para. 1 sentence 1 lit. b) GDPR.

Our website also uses services of Cloudflare, Inc, 101 Townsend St, San Francisco, CA 94107, USA ("Cloudflare"), which operates a so-called Content Delivery Network (CDN). To protect our website, the data transfer between your browser and our servers is routed through Cloudflare's infrastructure in order to analyze whether it is an abusive attack. As part of this analysis, your data is transmitted to Cloudflare in encrypted form, if necessary also to Cloudflare servers in the USA. However, since your translation requests and other customer data are encrypted between your end device and the DeepL servers, Cloudflare does not have any access to this data, but only to meta-data (such as your IP address). Only static resources (such as graphics) are loaded directly from Cloudflare-servers. In addition, Cloudflare determines a so-called botscore immediately before the login to DeepL, which is based on the analysis of the metadata of the client (browser) used. This data is deleted after 30 days. The use of Cloudflare is in our legitimate interest to secure the use of our website and to prevent and defend harmful attacks from outside, Art. 6 para. 1 sentence 1 lit. f) GDPR. We have concluded a data processing agreement with Cloudflare and Cloudflare may therefore only process the data according to our instructions and not for its own purposes. You can find more information about Cloudflare's handling of personal data here.

8. Cookies and Web Storage on deepl.com and Analysis of User Behavior 

8.1 Use of Cookies and Web Storage on deepl.com

We use "cookies" and web storage objects to provide you with a variety of features and improve your user experience. Cookies and web storage objects are small text files that are temporarily stored on your computer via your browser.

If you do not want us to use cookies or web storage objects, you can change your browser settings accordingly. Please note that if you completely disable the use of cookies or web storage objects, the functionality and scope of the website may be impaired.

We specifically use cookies or web storage objects in the following categories:

  • Necessary: These cookies or web storage objects are necessary to ensure the functioning of our website and the formation as well as the performance of contracts. The cookies serve security purposes, the smooth navigation on our website, the provision of the most important functions of our products, the storage of your settings such as the display language of the website and the selected translation language as well as the handling of the checkout process for DeepL Pro. In addition, statistical data about the use of our website is collected. The collecting of data via the necessary cookies or web storage objects is justified according to § 25 para. 2 no. 2 TTDSG (“Telekommunikation-Telemedien-Datenschutz-Gesetz”: German Telecommunications and Telemedia Data Protection Act). The further processing of this data is either necessary in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR for performing the contract or justified due to our legitimate interest in presenting our products and our company in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR.

  • Performance: In order to continuously improve our website, we collect data for statistical and analytical purposes. We and our external service providers use these cookies or web storage objects with your explicit consent in accordance with § 25 para. 1 TTDSG. The further processing of this data is also based on your consent, Art. 6 para. 1 sentence 1 lit. a) GDPR.

  • Comfort: We use these cookies or web storage objects to make using our website more comfortable for you. For example, we remember which areas of the website you have already visited and help you to use the website in the best possible way. In accordance with § 25 para. 1 TTDSG and Art. 6 para. 1 sentence 1 lit. a) GDPR, we only use these cookies or web storage objects and process the data collected from them with your explicit consent. 

The table below lists the different types of cookies and web storage objects that may be used on our website. Cookies or web storage objects are stored until the specified expiration time or until you delete them in your browser or, if it is a session cookie, until the session has expired. You can withdraw your consent for the use of cookies or web storage objects in the categories “Performance” and “Comfort” in each of these categories directly in the table below.

With the exception of the third-party cookies from our payment service provider Stripe (see explanatory notes, section 5.2), the customer support software from Zendesk (see explanatory notes, section 11.1) and the marketing software from HubSpot (see explanatory notes, section 12) the information generated by cookies and web storage objects is transmitted to servers within the EU and stored exclusively there. Data is not passed on to third parties.

8.2 Analysis of User Behavior

In order to better understand how our products are used and to better tailor our products to the needs and desires of our customers, we analyze pseudonymized data about our customers' use of DeepL Pro products. The analysis allows us to understand general usage habits and derive different target and user groups. We can then address the identified user groups in a more specific way and, for example, point them to previously unused or unknown features of our products. In this way, we enable our customers to get to know and use all the features of their DeepL subscription and can thus improve the user experience of the DeepL products. This corresponds to our legitimate interests according to Art. 6 para. 1 p. 1 lit. f) GDPR. The data is processed exclusively on DeepL’s servers in the EEA, the data is not transferred to the USA. No transfer of the data to third parties takes place.

Overview of the cookies and web storage objects used by DeepL:

icon-lock Necessary

ContextIDDescriptionTechnologyExpiryOwner
Site localizationIDilDescription
Stores the interface language selected by the user.
TechnologyCookieExpiry1 monthOwnerDeepL
Site localizationIDi18nextLngDescription
Stores the interface language selected by the user.
TechnologyLocal StorageExpiryPersistent DataOwnerDeepL
Privacy SettingsIDprivacySettingsDescription
Stores the user's cookie-banner decision. You can change the settings here.
TechnologyCookieExpiry12 monthsOwnerDeepL
TranslatorIDLMTBIDDescription
Used to guarantee the origin of a request to the translator and protect from malicious visitors. This ensures that the service is not compromised for the remaining visitors.
TechnologyCookieExpiry6 monthsOwnerDeepL
TranslatorIDLMTDescription
Stores settings made explicitly by the user. E.g. preferred translation language or entries in the glossary.
TechnologyLocal StorageExpiry1 monthOwnerDeepL
TranslatorIDproductRecommendationsDescription
Used for feature onboarding and discovery on the translator.
TechnologyCookieExpiry7 daysOwnerDeepL
TranslatorIDrecommendationFlagsDescription
Used to store additional translator settings of the user.
TechnologyLocal StorageExpiry6 monthOwnerDeepL
Discovery and OnboardingIDclickOnWordHint, LMT_MessageBox, onboardingData, showAppOnboarding, AppOnboardingInfoDescription
Stores if the user has on-boarded with features to ensure that onboarding prompts are only displayed once.
TechnologyLocal StorageExpiry1 to 6 monthsOwnerDeepL
Checkout ProcessIDFurther details about Stripe 3rd party cookies can be found under https://stripe.com/cookies-policy/legal.Description
Fraud detection and security for check-out and payments. This cookie is only set if you enter the checkout process or view your account payment information.
TechnologyCookie (3rd party)ExpirySession to 2 yearsOwnerThird Party - Stripe
Checkout ProcessIDuserCountryDescription
Stores the user's selected country during the checkout process.
TechnologyLocal Storage / CookieExpirySessionOwnerDeepL
Checkout ProcessIDnewpro-checkoutDescription
Stores the user's selected DeepL Pro plan during the checkout process.
TechnologyLocal StorageExpiry7 daysOwnerDeepL
DeepL Pro-User Login/SessionIDdl_sessionDescription
Stores users login token to keep the user logged in on the site. Permanently stored when "remember me" is selected during the login, or expires after 30 minutes of inactivity if not.
TechnologyCookieExpiry100 yearsOwnerDeepL
DeepL Pro-User Login/SessionIDdl_logoutReasonDescription
When you get logged out accidentally, we will help you with an error message. We use this cookie to deliver this message to you so you can prevent this problem in the future.
TechnologyCookieExpirySessionOwnerDeepL
DeepL Pro-User Login/SessionIDepDescription
Ip-Based Enterprise Account login token. Checked once per session and deleted afterwards.
TechnologyLocal StorageExpirySessionOwnerDeepL
DeepL Pro-User Login/SessionIDuserDescription
Stores the display name of logged-in users to display their name. Deleted if the user logs out.
TechnologyLocal StorageExpiry7 daysOwnerDeepL
Release processIDreleaseGroupsDescription
Used for gradual, controlled releases to ensure stability, quality and performance of our service and infrastructure.
TechnologyCookieExpiry1 monthOwnerDeepL
Session IDIDdapSidDescription
Session ID and timestamp. Automatically deleted after 30 minutes of inactivity.
TechnologyCookieExpirySessionOwnerDeepL
App Usage Statistics - only for DeepL AppsIDappUsageStatsDescription
Remembers when the user last used the app.
TechnologyLocal StorageExpiryPersistent DataOwnerDeepL
Sales Form Usage StatisticsIDsalesContactStatsDescription
Remembers when the user submitted the form.
TechnologyLocal StorageExpiryPersistent DataOwnerDeepL
Document translationIDLMT_doctranslate_clientDescription
Used to bind an ongoing document translation process to a user and protect the document translation feature from excessive use by individual users. This ensures that the service is not impacted for the remaining users.
TechnologyCookieExpiry1 monthOwnerDeepL
Document translationIDLMT_text_translator_usage_free Description
Used to bind an ongoing text translation process to a user and protect the translation feature from excessive use by individual users. This ensures that the service is not impacted for the remaining users. 
TechnologyCookieExpiry1 monthOwnerDeepL
SecurityIDdapUidDescription
User identifier to ensure correct operation of our systems, including to identify malicious bots and measure performance.
TechnologyCookieExpiry12 monthsOwnerDeepL
SecurityIDdl_clearanceDescription
Used to prevent misuse of our services by using the Cloudflare bot score.
TechnologyCookieExpiry5 minutesOwnerDeepL
Product Support/ZendeskIDzendeskDescription
Third-party cookie used by our ZenDesk support tool. Necessary for the operation of the service (bot detection and session management).
TechnologyCookieExpiry1 monthOwnerThird Party - Zendesk
Product Support/HubSpotIDhubspotDescription
Third-party cookie used by our HubSpot sales tool. Used for session management and to prevent misuse.
TechnologyCookieExpiry1 monthOwnerThird Party - HubSpot
User FeaturesIDdl_featureSetDescription
Stores the features which are available to the user depending on the account or subscription.
TechnologyLocal Storage ExpiryPersistent DataOwnerDeepL

Performance

ContextIDDescriptionTechnologyExpiryOwner
Visit CountIDdapVnDescription
Stores how many times the user has visited the site.
TechnologyCookieExpiry12 monthsOwnerDeepL

Comfort

ContextIDDescriptionTechnologyExpiryOwner
TranslatorIDuserRecommendationsDescription
Used to  personalise the users experience. 
TechnologyCookieExpiry7 daysOwnerDeepL
TranslatorIDrecommendationFlagsDescription
Used to store additional translator settings of the user.
TechnologyLocal StorageExpiry6 monthOwnerDeepL
Product informationIDapiDocsVisitedDescription
Stores whether API documentation has been visited to help users select the correct package at checkout.
TechnologyLocal StorageExpiryPersistent DataOwnerDeepL

9. DeepL Apps

In addition to the translation service on our website, we also offer apps for Windows and macOS operating systems (“desktop apps”), as well as apps for iOS and Android (“mobile apps”), through which you can also translate texts.

You can use the desktop apps in both the free version and the paid DeepL Pro version. The Android app is available in the free version. If you use the free version of DeepL in the apps, Section 3 of this Privacy Policy applies; if you use the paid DeepL Pro version, Sections 4 and 5 apply. As the desktop apps use the same interfaces for creating translations as the web-based service, also sections 6 and 7 of this privacy policy apply to the use of these apps.

When translating texts with our apps, for technical reasons - regardless of whether you use our paid or free service - your device will automatically transmit certain data. The following data which you can transmit to us, is stored:

  • Date and time of access

  • Version of the app

  • Operating system

  • Volume of data transmitted

  • Notification of successful data retrieval

  • Abbreviated/anonymized IP address

  • Full IP address

  • Diagnostic information in the event of errors

  • Type of mobile device (only for iOS and Android app)

  • Language in use

  • Time zone difference from Greenwich Mean Time (GMT)

  • Access status/HTTP status code

The processing of this data is based on our legitimate interest in ensuring and improving the stability and functionality of our services, Art. 6 para. 1 sentence 1 lit. f) GDPR. This data is stored solely for technical reasons. Data relating to access is used for error analysis, ensuring system security, logging access to DeepL Pro and to improve our translation service. The full IP address of users using the free version of DeepL is stored for a maximum period of 14 days, which is also justified by our legitimate interest in achieving the listed purposes, Art. 6 para. 1 sentence 1 lit. f) GDPR. The full IP address of DeepL Pro users is stored for the duration of the contract on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR.

If you use our mobile apps, it is also possible to have the entered text and the translation read aloud or to dictate the text to be translated yourself. The speech service installed on your device is used for this purpose. Please note that this may result in the transfer of the entered or spoken content to the provider of the speech service used by your device, possibly also to the USA. DeepL has no influence on this processing of your voice and audio data, therefore the privacy policy and terms of use of the speech service used by your device e.g. provided by Apple, Google or Samsung, but also those of other speech services that cannot be listed exhaustively, apply. 

We use necessary cookies and web storage objects in our desktop apps as described in section 8.

No cookies are used in our mobile apps. However, a unique user ID (no cross-device ID) is used, which allows us to track, for example, the source and target language settings, how many characters are translated, whether the copy button is used, and if so, how it is used. The processing of this data is based on our legitimate interest (Art. 6 para. 1 sentence 1 lit. f) GDPR) to better understand the needs of our users and to be able to adapt the app according to customer requirements.

10. DeepL API Free

In addition to the paid DeepL API Pro plan, we also offer a limited free version of our API (DeepL API Free). For further information, please see our DeepL Pro Terms and Conditions and section 3 on using the free version of DeepL.

In order to use DeepL API Free, it is necessary to create a DeepL account (please see section 5.1). If you select the API Free option during the checkout process, further data, as specified in section 5.2, will be collected. Although no costs are incurred when using DeepL API Free - subject to a (possible) upgrade - your payment data is collected in order to prevent improper use of API Free. Solely for this purpose, payment information is also passed on, in accordance with section 5.2, to the payment service provider we have commissioned, Stripe Payments Europe Ltd.

We process your data in order to perform the free-of-charge usage contract concluded between you and us on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR and on the basis of our legitimate interest in preventing misuse of the API Free, Art. 6 para. 1 sentence lit. f) GDPR.

11. Contacting our Sales or Support Team

You have the possibility to contact us via various contact forms on our website. You can also contact us directly by email.

11.1. Sales and Support Requests

If you would like to send us a sales enquiry in order to receive further information about our products and subscription plans or to start contract negotiations, you are welcome to use our sales contact form. In addition to your email address, you are required to provide your name and telephone number; all other information is optional. For the provision of our contact form, we use the HubSpot service (see section 12), where your request is pre-filtered and then forwarded to the ticket system of the provider Zendesk Inc. ("Zendesk"), 1019 Market Street, San Francisco, CA 94103, USA. We use Zendesk to process your enquiry and your further communication with us, we also use the service to manage our customer database. This may also involve the transfer of your contract data to the USA. We have entered into a data processing agreement with Zendesk and Zendesk may therefore only process the data in accordance with our instructions and not for its own purposes. Further information on the handling of personal data at Zendesk and on compliance with the requirements of Art. 44 GDPR can be found here and here. We also use the Customer Relationship Management System (CRM) of Salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 München, Deutschland (“Salesforce CRM”) to manage our customer database, which includes our existing and potential customers, and to organize sales and communication processes. Furthermore, Salesforce CRM enables us to analyse our customer-related processes. We have concluded a data processing agreement with Salesforce and Salesforce is therefore only allowed to process the data according to our instructions and not for its own purposes. The customer data is stored on servers in the EU.

If you contact our support team with questions about your contract and its implementation via our contact form, it is necessary to provide a valid email address so that we know who the inquiry comes from and can respond to it. We also use the aforementioned ticket system Zendesk to respond to your enquiry.

For both support and sales enquiries including any subsequent correspondence , Art. 6 para. 1 sentence 1 lit. b) GDPR serves as the legal basis for the processing of your personal data, as the processing is necessary for the initiation of the contract or the conclusion and performance of our contract. Art. 6 para. 1 sentence 1 lit. b) GDPR also provides justification for the processing of personal data that may be contained in documents sent to our Support team. We will store your data for the duration of our business relationship and subsequently for the duration of the legal retention periods where this is required. The processing of your personal data as part of our customer database and the analyses of our customer-related processes is based on Art. 6 para. 1 sentence 1 lit. f) GDPR, as this is in our legitimate interest.

If you have contacted our Support team via the contact form, it is possible that we will subsequently inquire by email about your satisfaction with our customer service. In this case, we will process your data on the basis of our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR in order to determine customer satisfaction and to continuously improve our service.

11.2. Privacy Requests

You also have the option of contacting privacy(at)deepl.com with questions or concerns about data protection at DeepL. We process your data in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR on the basis of your voluntarily given consent. We also use the Zendesk ticket system to respond to privacy enquiries, so please also note the above explanations in this regard under section 11.1.

12. DeepL Newsletter and Customer Satisfaction Surveys

12.1. Product Emails

If you have signed up for DeepL Pro or DeepL API Free, we will occasionally send you emails with news on our products, such as the launch of new languages and new features as well as on related products and services. This will also include information and tips on how to get the most out of DeepL Pro. We are entitled to use the email address you provided when signing up for a DeepL Pro/DeepL Free API subscription in this way under the legal conditions of § 7 para. 3 of the German Act against Unfair Competition (UWG). Given our existing contractual relationship, it is also in our legitimate interest to inform you as set out above (Art. 6 para. 1 sentence 1 lit. f) GDPR). If you do not wish to receive such emails from us, you can object to the use of your email address for this purpose at any time by sending an email to support(at)deepl.com. Of course, each of our emails contain an unsubscribe link at the end. For sending the newsletter, we use a service provided by HubSpot, Inc. ("HubSpot"), for more information see 12.4.

12.2. Marketing Emails

If you like to receive more detailed information about our company, products, services and promotions, you can sign up for our marketing newsletter. We may send you information about special offers, promotions and marketing campaigns and other news from DeepL from time to time. The processing of your data is based on your consent (Art. 6 para. 1 sentence 1 lit. a) GDPR). You can withdraw your consent at any time with effect for the future by sending an email to support(at)deepl.com. Of course, our emails each contain an unsubscribe link at the end. We also use the HubSpot service to send the marketing newsletter, for more information please see 12.4.

12.3. Customer Satisfaction Surveys

From time to time, DeepL sends out customer satisfaction surveys via email to inquire about your satisfaction with our products. Participation in the surveys is voluntary and they can generally be answered anonymously, but you also have the option to voluntarily provide your name and/or email address. If you do so, we may contact you afterwards and ask if you would be willing to share your experience with us in a personal conversation.

This processing of your data corresponds to our legitimate interests according to Art. 6 para. 1 sentence 1 lit. f) GDPR to improve our products and to further develop them according to our customer’s wishes. If you voluntarily provide your name and/or email address in the survey, we justify the processing of your data via your consent pursuant to Art. 6 para. 1 sentence 1 lit. a) GDPR. You can revoke this consent at any time with effect for the future.

12.3.1 Typeform

To conduct the customer satisfaction surveys, we use a service of Typeform SL, Carrer Bac de Roda, 163, local, 08018 Barcelona, Spain ("Typeform"), on whose platform the surveys are stored. Typeform uses different subcontractors, which are also partly located in third countries outside the EU. Therefore, in certain cases, there may be a transfer of your data to the USA. We have concluded a data processing agreement with Typeform and Typeform only processes the data in accordance with our instructions and not for its own purposes. You can find more information about Typeform's handling of personal data here.

12.3.2 Hotjar

Furthermore, we use a survey tool of Hotjar Ltd., Dragonara Business Centre, 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta ("Hotjar"), on whose platform the surveys are stored. Hotjar uses different subcontractors, which are also partly located in third countries outside the EU.Therefore, in certain cases, there may be a transfer of your data to the USA. We have concluded a data processing agreement with Hotjar and Hotjar only processes the data in accordance with our instructions and not for its own purposes. You can find more information about Hotjar's handling of personal data here.

12.4. Email Service Provider HubSpot

For sending the newsletters, we use a service provided by HubSpot, Inc. with headquarters at 25 First Street, 2nd Floor, Cambridge, MA 02141 USA. As part of this, your data may also be transferred to the USA. We have concluded a data processing agreement with HubSpot and therefore HubSpot may only process the data according to our instructions and not for its own purposes. You can find more information on HubSpot’s handling of personal data here and here.

We also statistically record, among other things via HubSpot, which emails you open and which links you click on in our emails (opening and click rates). This allows us to understand which content is of interest to our users and to optimize the newsletter and our email communication, which corresponds to our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR.

13. DeepL’s Social Media Pages

DeepL operates several social media profiles (also called “pages”) on various social networks e.g., Facebook, Twitter, LinkedIn and Xing. There we regularly publish posts about our products, new product features as well as new job offers. If you interact with our pages or contact us via them and are a member of the respective social network, we may receive and process data that identify you. As operator of the pages, we also have the option of viewing anonymous statistics on the interaction of visitors with our pages (insight function). For this purpose, the operators of the social networks record your interactions with our pages using cookies and similar technologies. You can find more information on this kind of data processing by Facebook and LinkedIn here and here.

The legal basis for the operation of our social media profiles and the insights function is our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f) GDPR in using the pages as an information channel for our company. With regard to the insights function, we have a legitimate interest in understanding the visits and interactions with our page in order to be able to respond to them and to further improve our presence. Insofar as your consent given to the social network justifies the data processing within the framework of the respective social platform, processing is carried out on the basis of this consent.

Please note that we together with the operator of the respective social network are jointly responsible for the data processing operations triggered when you visit our page. However, the operators of the social networks may also process your data for their own purposes, which are not depicted in this privacy policy. It is also possible that data collected about you will be transferred to third countries, in particular the USA. We have no influence on this data processing and refer to the privacy policies of the respective social networks e.g., for Facebook here, for Twitter here, for LinkedIn here and for Xing here.

In principle, you can assert your rights (see section 16 below) both against us and against the operator of the respective social platform. However, we would like to point out that despite the joint controllership, you can most effectively assert your rights with the operators of the social networks. If you need help, you can contact us.

14. Job Applications

We offer you the opportunity to apply for a position at DeepL via our career page and the integrated career portal, or by email. This digital recruitment process means that in order to complete the application procedure, your application data (usually name, contact information, cover letter, resume, as well as other supporting documents and credentials) is collected and processed electronically. The personal data you provide will be used exclusively for processing your job application. Your data will only be shared with persons involved in the application process. If you submit your documents in German only, even though an English version of the documents was requested in the job advertisement, we reserve the right to translate your documents into English using DeepL’s PDF translation feature. In this context, your data may be transferred to the USA (see also section 6.2 of this privacy policy). The legal basis for the processing of your applicant data is Art. 6 para. 1 sentence 1 lit. b) GDPR in conjunction with Art. 88 para. 1 GDPR in conjunction with § 26 para. 1, 8 sentence 2 BDSG ("Bundesdatenschutzgesetz": German Federal Data Protection Act).

If, following the recruitment process, an employment contract is concluded, we will store your personal data as part of your personnel file for the purpose of standard organizational and administrative procedures, in compliance with the more extensive legal obligations. In this case, the legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. b) GDPR in conjunction with Art. 88 para. 1 GDPR in conjunction with § 26 para. 1 BDSG ("Bundesdatenschutzgesetz": German Federal Data Protection Act).

In the event of a rejection on your part or ours, we will retain the data submitted to us for up to a maximum of six months following notification of the rejection. We will subsequently delete the data unless legal regulations require us to store the data for a longer period.

If you expressly agree to a longer storage period of your data e.g., for your inclusion in our internal applicant pool, the data will be further processed based on your consent in accordance with Art. 6. para. 1 sentence 1 lit. a) GDPR. Your data will then be stored in our pool of applicants for 1000 days. You can withdraw your consent at any time with effect for the future.

In order to process your application data, it will be forwarded to the service provider Recruitee B.V., Keizersgracht 313, 1016 EE Amsterdam, The Netherlands, which operates the application system. We have concluded a data processing agreement with Recruitee, which means that Recruitee may only process the data in accordance with our instructions and not for its own purposes. Further information on data protection at Recruitee can be found here.

15. Data Security

Your connections to our website and our apps are protected with encryption techniques in line with the current state of the art. The level of protection also depends on which encryption your Internet browser and/or mobile device supports. You can tell whether an individual page of our website is transmitted in encrypted form by looking at the closed key or lock symbol in the status bar of your browser. We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

16. Your Rights

The following rights are granted by European Union directives and regulations. If you wish to exercise any of the rights listed below, please contact us at the above address.

  • Right to confirmation and right of access - We will gladly confirm whether we are processing any of your personal data, which data we are processing, and for what purpose we are processing it.

  • Right to rectification - If any of the data we have stored is incorrect, we would certainly be happy to correct it.

  • Right to erasure - Should you wish your personal data to be deleted, we will comply with your request as far as legally possible.

  • Right to restriction of processing - Should you wish to restrict use, we will comply with your request as far as legally possible.

  • Right to withdraw your consent - Should you wish to revoke any previously granted consent, we will comply with your request. Revocation does not affect the permissibility of the processing of your data up to now.

In addition, you can object to the further processing of your data if we process your data based on our legitimate interest (Art. 6 para. 1 sentence 1 lit. f), Art. 21 GDPR). If we process your data for the purpose of direct advertising, you have a general right to object. If we do not process your data for advertising purposes, the objection must be based on your particular situation.

You also have the right to lodge a complaint regarding the processing of your personal data with a supervisory authority, such as the data protection supervisory authority responsible for us: Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Kavalleriestraße 2 - 4, 40213 Düsseldorf, email: poststelle(at)ldi.nrw.de.

17. Changes to the Privacy Policy

We reserve the right to amend this privacy policy. The current version of the privacy policy can be accessed at any time on our website.

Last update: July 2022