What are the institutional and regulatory implications of this document?

REGULATORY LANDSCAPE: This policy engages GDPR and UK GDPR for EU and UK-based users, disclosing data subject rights (access, erasure, portability, restriction, objection) and identifying a data controller contact; the CCPA/CPRA framework is addressed for California residents with disclosures of data categories collected and a statement that Midjourney does not sell personal information, though the policy references sharing for cross-context behavioral advertising which may trigger CCPA opt-out…

How does Midjourney's Midjourney Data Retention & Privacy FAQ affect users?

Users operating without a Stealth Mode subscription have their generated images retained and indexed as public content accessible to other service users. The document establishes that prompts and content submissions are incorporated into Midjourney's model training and development processes. Users in the EU, UK, and California may submit requests for personal data deletion or exercise additional statutory rights by contacting privacy@midjourney.com, and the document outlines the procedural mech…

How often is Midjourney's Midjourney Data Retention & Privacy FAQ updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Midjourney updates this document?

Yes. Monitor subscribers ($19/month) can add Midjourney to their watchlist and receive same-day email alerts whenever this document or any other Midjourney document changes.

CA-D-000828

Midjourney Data Retention & Privacy FAQ

Midjourney

Last change detected May 12, 2026 Privacy policy

SHA-256: 31a78fe46275c58bc78… 2 versions captured 1 change documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at Midjourney ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

8 Total

1 High severity

6 Medium severity

1 Low severity

Summary

This document establishes Midjourney's data retention and privacy practices governing the collection, use, and retention of personal data and user-generated content submitted through the AI image generation service. The document authorizes Midjourney to retain and use prompts and content submitted by users for purposes of training and improving its AI models. The document specifies that generated images are retained as public records by default, unless a user maintains an active subscription to a plan with Stealth Mode enabled, and establishes procedures for users in the EU, UK, and California to request data deletion or exercise jurisdiction-specific rights.

Technical / Legal Breakdown

This document is Midjourney's privacy policy (last updated June 2, 2025), governing the collection, use, and disclosure of personal information by Midjourney, Inc. in connection with its AI image generation services, operating under a consent and legitimate interests framework. The policy states that Midjourney collects identifiers (name, email, username), payment information, device and browser data, IP addresses, usage and interaction data, content users submit (prompts, uploaded images), and inferred preferences; the terms authorize sharing this data with service providers, business partners, payment processors, and third parties in the context of business transfers. A notable provision states that Midjourney may use submitted content and prompts to train and improve its AI models, and the policy discloses that images generated on the platform are generally public by default unless a user subscribes to a plan that includes a Stealth Mode feature, creating an operationally significant disclosure distinction relative to users who assume default privacy for their generated content. The policy engages GDPR and UK GDPR for EU and UK users (citing rights to access, correction, erasure, portability, and objection), CCPA/CPRA for California residents (disclosing categories of personal information and stating Midjourney does not sell personal information in the traditional sense but may share for cross-context behavioral advertising), and COPPA with respect to a stated minimum age of 13. Compliance teams should note that the policy's AI training use of user-submitted content, the default public image setting, and the scope of third-party data sharing each warrant careful evaluation under GDPR lawful basis requirements, CCPA opt-out obligations for sharing, and applicable AI-specific regulatory frameworks.

Institutional Analysis

Institutional analysis available with Compliance

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.

Start Compliance free trial

1 important change detected

2 versions captured · Last updated: May 2026

May 12, 2026

low

What changed Midjourney removed seven structural sections from its Data Retention & Privacy FAQ on May 12, 2026, including introductory content, articles on data sharing and security, children's privacy provisions, links to other websites, and change notification language. The document was reorganized, reducing it from 134 sentences to 127 sentences. The removal of these sections means certain privacy topics previously documented in the FAQ are no longer explicitly addressed in this particular document.

Why this matters Midjourney removed several sections from its Data Retention & Privacy FAQ, including language describing data sharing practices, security measures, children's privacy protections, and the process for updating the policy. The removal of these sections means certain privacy topics are no longer explicitly documented in this FAQ. This change does not state that these practices have stopped or changed; it indicates that documentation has been reorganized or consolidated elsewhere.

View full change record →

High — 1 provision

AI Model Training Use of User Content Compare →

When you type prompts or upload images, Midjourney may use that content to train its AI, and by using the service you are granting Midjourney a license to do so.

Added May 12, 2026 Standard Seen across 284 platforms

Medium — 6 provisions

Default Public Image Generation Compare →

Everything you create on Midjourney is visible to other users unless you pay for a plan that includes Stealth Mode and turn it on yourself.

Added May 12, 2026 Standard Seen across 284 platforms
Data Collection Scope Compare →

Midjourney collects your name, email, payment details, device information, IP address, how you use the service, everything you type or upload, and inferences it draws about your preferences.

Added May 12, 2026 Standard Seen across 284 platforms
Third-Party Data Sharing Compare →

Midjourney shares your data with service providers, business partners, and payment processors, and may transfer it if the company is sold; it states it does not sell your data under California law.

Added May 12, 2026 Standard Seen across 252 platforms
GDPR and UK GDPR Data Subject Rights Compare →

If you are in the EU or UK, you have rights to see, correct, delete, or transfer your data, and to object to how it is processed; you can exercise these by emailing privacy@midjourney.com.

Added May 12, 2026 Standard Seen across 284 platforms
California Consumer Privacy Rights Compare →

California residents can ask Midjourney what data it holds on them, request its deletion, or correct it, and Midjourney states it does not sell personal data under California law.

Added May 12, 2026 Standard Seen across 284 platforms
Minimum Age Requirement and Children's Privacy Compare →

Midjourney states its service is not for children under 13 and will delete any data it discovers was collected from a child under 13.

Added May 12, 2026 Standard Seen across 284 platforms

Low — 1 provision

Policy Change Notification Compare →

Midjourney can update this privacy policy and will try to notify you by email or website notice before material changes take effect.

Added May 12, 2026 Standard Seen across 284 platforms

Monitoring

Midjourney has updated this document before.

Monitor includes same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →

Compliance Governance Intelligence

Need provision-level monitoring and regulatory mapping?

Compliance includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.

Start Compliance free trial

Cross-platform context

See how other platforms handle AI Model Training Use of User Content and similar clauses.

Compare across platforms →