When you use Telegram's translation feature, the text of the message you translate is sent to Google or Microsoft; both companies are contractually limited to using it only for translation.
This analysis describes what Telegram's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Users who translate messages are sharing their message content with major third-party technology companies, even though Telegram states these companies cannot use the data for other purposes.
Interpretive note: The policy uses 'may rely on' language without specifying which provider is used in a given translation instance, and does not describe the legal mechanism for international data transfer to US processors, creating uncertainty about the transfer's lawfulness under GDPR.
Using the translate feature in Telegram sends message text to Google or Microsoft, meaning private message content leaves Telegram's infrastructure and is processed by third parties, albeit under stated usage restrictions.
How other platforms handle this
We may share your personal information with our affiliates, meaning entities that control, are controlled by, or are under common control with Consensys. We also share information with service providers who assist in operating our services, subject to confidentiality obligations.
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
Loyalty and partner program companies. We share information with our loyalty and partner program companies, like Ulta Beauty and Marriott.
Monitoring
Telegram has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Since Telegram may rely on Google LLC or Microsoft Corporation for automatic translation of messages, the text of any message or set of messages that users choose to translate may be shared with Google or Microsoft in order to obtain their translated versions. These third-party companies will only access the data to provide a translation and will not use it for any other products, services, or advertising.— Excerpt from Telegram's Telegram Privacy Policy
REGULATORY LANDSCAPE: This provision engages GDPR Article 28 (data processing agreements with sub-processors) and Article 46 (transfers to third countries, given Google and Microsoft's US-based processing). The policy asserts contractual restrictions on Google's and Microsoft's use of translated data, but does not describe the legal mechanism for international data transfer to these US entities. Post-Schrems II, transfers to US processors require either Standard Contractual Clauses or adequacy framework coverage (e.g., EU-US Data Privacy Framework). GOVERNANCE EXPOSURE: Medium. The stated contractual limitation ('will not use it for any other products, services, or advertising') is a meaningful protection if enforced, but users have no independent means to verify compliance. The policy does not specify whether Google or Microsoft may retain translated text temporarily for service delivery purposes, which may be a retention ambiguity. JURISDICTION FLAGS: EEA and UK users face the most direct exposure under GDPR and UK GDPR, particularly regarding the adequacy of the legal transfer mechanism to US processors. The policy's passive language ('may rely on') introduces uncertainty about which provider is used in a given instance, complicating user consent and data subject rights exercises. CONTRACT AND VENDOR IMPLICATIONS: Organizations with confidentiality obligations (legal, financial, healthcare) should treat the translate feature as a potential data exfiltration vector and consider prohibiting its use for sensitive communications. The absence of a named transfer mechanism in the policy may be a gap for vendor assessment teams. COMPLIANCE CONSIDERATIONS: Data protection officers should evaluate whether user opt-in to translation (a deliberate tap action) constitutes sufficient consent or instruction under their applicable framework. The policy should be reviewed alongside Google's and Microsoft's API data processing terms to confirm consistency with stated restrictions.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Users who translate messages are sharing their message content with major third-party technology companies, even though Telegram states these companies cannot use the data for other purposes.
Using the translate feature in Telegram sends message text to Google or Microsoft, meaning private message content leaves Telegram's infrastructure and is processed by third parties, albeit under stated usage restrictions.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Telegram.