If you are in the EU or UK, you have rights to see, correct, delete, or transfer your data, and to object to how it is processed; you can exercise these by emailing privacy@midjourney.com.
This analysis describes what Midjourney's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The policy explicitly grants EU and UK users a defined set of GDPR data subject rights, including the right to erasure and the right to object to processing, which are enforceable under GDPR against Midjourney as a data controller.
EU and UK users can contact Midjourney at privacy@midjourney.com to access, correct, delete, or obtain a copy of their personal data, or to object to specific processing activities such as AI training use.
How other platforms handle this
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
We use information to enhance the quality, reliability, and/or accuracy of our AI Features by creating, developing, training, testing, improving, and maintaining AI and ML models run by Strava or our service providers. We use aggregated, de-identified data for this purpose. We also use personal info...
Monitoring
Midjourney has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"If you are located in the European Economic Area or the United Kingdom, you have certain rights regarding your personal information, including the right to access, correct, or delete your personal information, the right to restrict or object to processing, and the right to data portability. To exercise these rights, please contact us at privacy@midjourney.com.— Excerpt from Midjourney's Midjourney Data Retention & Privacy FAQ
REGULATORY LANDSCAPE: This provision directly engages GDPR Articles 15 through 22, covering access, rectification, erasure, restriction, portability, and objection rights. UK GDPR imposes equivalent obligations. Midjourney's compliance with response timelines (one month under GDPR Article 12, with extension in complex cases) is an enforceable obligation. EU/EEA data protection authorities, including the lead supervisory authority under GDPR's one-stop-shop mechanism, have jurisdiction over complaints. GOVERNANCE EXPOSURE: Medium. The provision is facially compliant with GDPR disclosure requirements, but governance exposure arises from the operational complexity of fulfilling rights requests for AI training data, prompt content, and generated images. Erasure requests for content already used in AI model training present particular technical and legal challenges that the policy does not address. JURISDICTION FLAGS: EU/EEA and UK users have enforceable rights under GDPR and UK GDPR respectively. The Irish Data Protection Commission may serve as lead supervisory authority depending on Midjourney's EU establishment. Failure to respond to rights requests within statutory timelines creates direct regulatory exposure. CONTRACT AND VENDOR IMPLICATIONS: Enterprise customers contracting for EU user data processing should verify that Midjourney's data processing agreement addresses sub-processor obligations and data subject rights fulfillment in relation to AI training data. Rights request handling procedures should be confirmed through due diligence. COMPLIANCE CONSIDERATIONS: Legal teams should assess whether Midjourney's process for handling erasure requests adequately addresses the technical challenge of removing personal data from AI training datasets. Objection to processing rights, if invoked regarding AI training use, require documented assessment of compelling legitimate grounds under GDPR Article 21. Response SLA monitoring and escalation procedures should be in place.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The policy explicitly grants EU and UK users a defined set of GDPR data subject rights, including the right to erasure and the right to object to processing, which are enforceable under GDPR against Midjourney as a data controller.
EU and UK users can contact Midjourney at privacy@midjourney.com to access, correct, delete, or obtain a copy of their personal data, or to object to specific processing activities such as AI training use.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Midjourney.