How DeepL’s infrastructure works
DeepL uses a hybrid infrastructure that combines DeepL administered servers in data centers located in Europe with cloud infrastructure provided by Amazon Web Services (AWS). DeepL remains your service provider at all times, and AWS acts only as a sub-processor. Even when services run on AWS, DeepL’s proprietary models operate in a DeepL-controlled environment. This setup allows DeepL to provide reliable performance, lower latency across regions, and continuous product improvements.
DeepL operates across multiple regions, including Europe, the United States, and Asia-Pacific. In Europe, services are delivered through a combination of DeepL infrastructure and AWS, while in other regions AWS infrastructure is used only. By default, customer content may be processed in different regions. Depending on your plan, you may have the option to select a specific region through a data residency feature.
How your data is handled and protected
When you use DeepL, the text you enter or upload is processed instantly to provide the services and is not stored. If you choose to save data such as glossaries or translations, it remains stored until you delete it. Account and billing information is stored centrally to operate the service.
If you are using a paid subscription, your data remains private and confidential. It is processed only to provide the services, is not shared with other users, and is not used for training models outside your account. Strong safeguards ensure that data is protected at all times. All data is encrypted both in transit and at rest, and encryption keys are controlled by DeepL, not AWS. DeepL applies a Zero-Trust security model and maintains certifications such as ISO 27001 and SOC 2 Type II to ensure high standards of data protection.
Legal framework
DeepL is headquartered in Germany and is therefore subject to the General Data Protection Regulation (GDPR) and the EU AI Act. DeepL is adding AWS as a sub-processor to deliver its services to its customers. We have entered all contractual agreements with AWS in order to meet our legal obligations as service provider to our customers.
For international data transfers this includes the EU–U.S. Data Privacy Framework and Standard Contractual Clauses. DeepL also implements safeguards such as strong encryption, independent key management, limited data exposure, and strict data minimization.
Your options during DeepL’s transition to AWS (2026)
During the transition in 2026, existing customers will be informed about the updated Terms and Conditions. Additional details, including security documentation and the Transfer Impact Assessment, are available in the DeepL Trust Center.
If you choose to accept the use of AWS as a sub-processor, DeepL reserves the right to process your content data in any of its global AWS regions. Depending on your subscription plan, you may have the option to select a specific region through a data residency feature, in which case DeepL will process your data only in the region of your choice. The data residency add-on is available to sales-assisted customers with Team, Business, and API for Business plans, and it is included as standard in the DeepL for Enterprise plan. If you are eligible and interested in the data residency feature, please contact our Sales team for more information.
If you choose to object to the applicable Terms and Conditions that include AWS sub-processors, you can continue using DeepL until the end of your current billing period. In such cases, your data will not be moved to AWS and will remain on DeepL infrastructure until your contract ends.
Further details regarding the architectural safeguards for our AWS-powered hybrid infrastructure can be found in our Security and Data Residency Whitepaper, which is available below in English, German and Japanese.