What can I do about this clause?

{'method': 'EMAIL', 'recipient': 'privacy@deepl.com', 'difficulty': 'EASY', 'action_type': 'DELETE_DATA', 'instructions': 'Email privacy@deepl.com requesting deletion of your personal data. Specify your account details and request confirmation of the deletion timeline. For account closure, also close your account through the account settings page.', 'deadline_days': None, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': 'The FTC has authority over deceptive data retention practices under Section 5 of the FTC Act where stated retention practices do not match actual company behavior.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Data Retention clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar Data Retention clauses across approximately 136 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

Data Retention — DeepL

Share 𝕏 Share in Share 🔒 PDF

Recent governance activity DeepL recorded 13 documented changes in the last 30 days.

Start monitoring updates

Monitor governance changes for DeepL Create a free account to receive the weekly governance digest and monitor one platform for governance changes.

Create free account No credit card required.

Document Record

What it is

DeepL keeps your data for as long as needed for the stated purpose or as required by law, and deletes it after your account is closed within a reasonable timeframe.

ⓘ

This analysis describes what DeepL's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

This provision establishes the operational framework for data lifecycle management, defining retention periods tied to purpose necessity and legal requirements rather than indefinite storage. It creates a procedural obligation for deletion or anonymization upon account termination.

Change history

added May 22, 2026

Establishes a data retention policy with explicit deletion upon account closure, clarifying user data lifecycle and deletion timelines.

View full change record →

Consumer impact (what this means for users)

DeepL retains your personal data indefinitely while your account is active and for an unspecified 'reasonable period' after account closure — users cannot determine a precise deletion date without contacting DeepL directly.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Delete Your Data

Email privacy@deepl.com requesting deletion of your personal data. Specify your account details and request confirmation of the deletion timeline. For account closure, also close your account through the account settings page.

How other platforms handle this

Waze Medium

We retain personal data for as long as necessary to provide our services, fulfill the purposes described in this Privacy Policy, comply with our legal obligations, resolve disputes, and enforce our agreements. The specific retention period for each category of personal data depends on the purpose fo...

Midjourney Medium

We retain your personal information for as long as necessary to fulfill the purposes outlined in this privacy policy, unless a longer retention period is required or permitted by law. We may also retain and use your information to comply with our legal obligations, resolve disputes, and enforce our ...

Spotify Medium

Please note there are situations where Spotify is unable to delete your data, for example when: it's still necessary to process the data for the purpose we collected it for; we have an overriding interest in continuing to process the data, for example where we need the data to protect our services f...

See all platforms with this clause type →

Monitoring

DeepL has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →

▸ View Original Clause Language DOCUMENT RECORD

"
We store your personal data for as long as is necessary for the respective purpose for which it was collected or for as long as we are legally obliged to store it. After that, we delete your personal data routinely. Where you have an account with us, we store your personal data for as long as your account remains active. We delete or anonymise your account data within a reasonable period following account closure.

— Excerpt from DeepL's DeepL Privacy Policy

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

(1) REGULATORY FRAMEWORK: Data retention is governed by GDPR Art. 5(1)(e) (storage limitation principle), which requires personal data to be kept 'no longer than is necessary.' GDPR Art. 13(2)(a) requires controllers to inform data subjects of retention periods or the criteria used. German commercial and tax law (HGB §257, AO §147) mandates retention of certain business records for 6–10 years. (2)

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 1 platform — free Try Monitor free for 14 days

Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.

Applicable agencies

FTC

The FTC has authority over deceptive data retention practices under Section 5 of the FTC Act where stated retention practices do not match actual company behavior.
File a complaint →

Applicable regulations

Indiana Consumer Data Protection Act

US-IN

Provision details

Document information

Document

DeepL Privacy Policy

Entity

DeepL

Document last updated

May 5, 2026

Tracking information

First tracked

April 30, 2026

Last verified

April 30, 2026

Record ID

CA-P-004054

Document ID

CA-D-00448

Evidence Provenance

Source URL

https://www.deepl.com/en/privacy

Wayback Machine

View archived versions →

Content hash (SHA-256)

1d621c54ed3a19fc9ce7b2fc58fa1eb740cb4e4b7669ebdc020370950f152344

Analysis generated

April 30, 2026 05:39 UTC

Methodology

summarize_document-v7

Evidence

✓ Snapshot stored ✓ Hash verified

Citation Record

Entity: DeepL
Document: DeepL Privacy Policy
Record ID: CA-P-004054
Captured: 2026-04-30 05:39:12 UTC
SHA-256: 1d621c54ed3a19fc…
URL: https://conductatlas.com/platform/deepl/deepl-privacy-policy/data-retention/
Accessed: June 17, 2026

Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.

Classification

Severity

Medium

Other risks in this policy

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies

Start Compliance free trial

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does DeepL's Data Retention clause do?

How does this clause affect you?

How many platforms have this type of clause?

ConductAtlas has identified this type of provision across 136 platforms. See the full comparison.

Is ConductAtlas affiliated with DeepL?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by DeepL.