DeepL is Now HIPAA Compliant

Trust Center

Start your security review
View & download sensitive information
Search items
ControlK

Overview

Welcome to DeepL's Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation.

Compliance

GDPR Logo
GDPR
HIPAA Logo
HIPAA
ISO 27001:2013 Logo
ISO 27001:2013
ISO 27001:2022 Logo
ISO 27001:2022
SOC 2 Type 2 Logo
SOC 2 Type 2

Documents

COMPLIANCEISO 27001:2013
COMPLIANCEISO 27001:2022
COMPLIANCESOC 2 Type 2
INFRASTRUCTURE SECURITYData Center
VOICEData Flow
SECURITY AND IT MANAGEMENTPenetration Testing
DOCUMENTSStatement of applicability (SoA) v32

Product Security

Audit Logging
Integrations
Role-Based Access Control
View more

Security and IT Management

Auditing
Change Management Program
Identity and access management
View more

Infrastructure Security

Status Monitoring
Data Center
Separate Production Environment
View more

Data Security

Access Monitoring
Access to data
Backup restore test
View more

Security of customer accounts

Authorization / role concept
Cookies
Data Breach Notifications
View more

Access Control

Least Privilege
Logging
Password Manager
View more

Training

Employee Training
HR Security
Role-Based Training
View more

Legal

Cyber Insurance
Privacy Policy
Service-Level Agreement
View more

Voice

Data Flow

Policies

The security policies of DeepL are available for your review upon request.

BC/DR

Disaster Recovery Plan (DRP)
Failover/High Availability
Hardware reliability
Knowledge Base (FAQ)
    Does DeepL SE have access to data entered by customers in the various services provided?
    Does DeepL rely on major cloud providers when offering its services or does it only have on-premise systems?
    Does the system have role-based access control
    Does DeepL have multi-factor authentication enforced?
    Is there any collection/access/processing/retention of any client scoped data that includes any classification of non-public personal information or personal data of individuals?
View more
Trust Center Updates

DeepL is Now HIPAA Compliant

Copy link
Compliance
May 9, 2025

We are thrilled to announce that DeepL has achieved HIPAA compliance, marking another significant milestone in our commitment to safeguarding sensitive data and providing the highest standards of security and privacy for our users. The Health Insurance Portability and Accountability Act (HIPAA) sets strict standards for the protection of sensitive health information (PHI), and this compliance demonstrates that DeepL meets the rigorous requirements for handling and securing such data.

What Does This Mean for You?

  • Enhanced Data Security: DeepL now adheres to HIPAA's stringent requirements for protecting sensitive health information, ensuring that all your data is handled with the utmost care.
  • Trust and Reliability: Whether you're in healthcare, research, or any industry that requires HIPAA compliance, you can trust DeepL to provide secure and reliable translation services.
  • Commitment to Privacy: This achievement reflects our ongoing dedication to protecting your data and maintaining transparency about our security practices.

New SOC 2 Type 2 Report for 2024

Copy link
Compliance
February 6, 2025

DeepL's SOC 2 Type 2 report covering the period from October 2023 to September 2024 is now available for download on request from our Trust Center. This report illustrates the significance of and continued commitment to information security at DeepL. Once again, there were no deviations from our security controls in this reporting year.

We have also successfully passed our recertification against the ISO 27001 standard, and were audited against the most recent version of the standard: ISO 27001:2022. You can download all our current ISO 27001 certifications from the front page of the Trust Center.

If you need help using this Trust Center, please contact us.

Contact Support