What can I do about this clause?

{'method': 'EMAIL', 'recipient': 'privacy@deepl.com', 'difficulty': 'EASY', 'action_type': 'DELETE_DATA', 'instructions': 'Email privacy@deepl.com requesting deletion of your personal data. Specify your account details and request confirmation of the deletion timeline. For account closure, also close your account through the account settings page.', 'deadline_days': None, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': 'The FTC has authority over deceptive data retention practices under Section 5 of the FTC Act where stated retention practices do not match actual company behavior.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Data Retention clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar Data Retention clauses across approximately 39 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

Data Retention — DeepL

Share 𝕏 Share in Share 🔒 PDF

What it is

DeepL keeps your data for as long as needed for the stated purpose or as required by law, and deletes it after your account is closed within a reasonable timeframe.

Consumer impact (what this means for users)

DeepL retains your personal data indefinitely while your account is active and for an unspecified 'reasonable period' after account closure — users cannot determine a precise deletion date without contacting DeepL directly.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Delete Your Data

Email privacy@deepl.com requesting deletion of your personal data. Specify your account details and request confirmation of the deletion timeline. For account closure, also close your account through the account settings page.

Cross-platform context

See how other platforms handle Data Retention and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

The policy does not specify exact retention periods for most data categories, which makes it difficult for users to know when their data will be deleted and creates potential GDPR compliance risk.

View original clause language

We store your personal data for as long as is necessary for the respective purpose for which it was collected or for as long as we are legally obliged to store it. After that, we delete your personal data routinely. Where you have an account with us, we store your personal data for as long as your account remains active. We delete or anonymise your account data within a reasonable period following account closure.

Institutional analysis (Compliance & legal intelligence)

(1) REGULATORY FRAMEWORK: Data retention is governed by GDPR Art. 5(1)(e) (storage limitation principle), which requires personal data to be kept 'no longer than is necessary.' GDPR Art. 13(2)(a) requires controllers to inform data subjects of retention periods or the criteria used. German commercial and tax law (HGB §257, AO §147) mandates retention of certain business records for 6–10 years. (2)

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

FTC

The FTC has authority over deceptive data retention practices under Section 5 of the FTC Act where stated retention practices do not match actual company behavior.
File a complaint →

Provision details

Document information

Document

DeepL Privacy Policy

Entity

DeepL

Document last updated

April 29, 2026

Tracking information

First tracked

April 30, 2026

Last verified

April 30, 2026

Record ID

CA-P-004054

Document ID

CA-D-00448

Evidence Provenance

Source URL

https://www.deepl.com/en/privacy

Wayback Machine

View archived versions →

SHA-256

1d621c54ed3a19fc9ce7b2fc58fa1eb740cb4e4b7669ebdc020370950f152344

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: DeepL | Document: DeepL Privacy Policy | Record: CA-P-004054
Captured: 2026-04-30 05:39:12 UTC | SHA-256: 1d621c54ed3a19fc…
URL: https://conductatlas.com/platform/deepl/deepl-privacy-policy/data-retention/
Accessed: May 2, 2026

Classification

Severity

Medium

Data Retention