A consultant tries DeepSeek because a colleague said it was as good as the expensive tools and free. She pastes in a client's situation - names, the contract value, a bank account, the dispute - and asks for a strategy summary. The answer is genuinely good.
What she does not see is where her prompt just went. According to DeepSeek's own privacy policy, the text she typed, the file she uploaded, and the chat history are collected, processed, and stored on servers in the People's Republic of China - a jurisdiction with no EU adequacy decision, under laws that can compel a company to hand data to the state.
The model performed beautifully. That was never the question. The question is where her client's data now sleeps, and who can ask to see it.
Is DeepSeek safe for business data?
For the hosted app and API, no - and the reason has little to do with how capable the model is. DeepSeek's privacy policy states plainly that it stores personal data in China. For an EU organisation, that is an international transfer to a country without an adequacy decision, with no Standard Contractual Clauses cited to make it lawful. That is precisely why Italy's regulator blocked it within days and Germany later referred the app to Apple and Google.
But there is an important fork in the road. DeepSeek publishes its model weights under a permissive licence. Run those weights on your own infrastructure, or on an EU provider that hosts them, and no prompt ever travels to China. The privacy problem is not the model - it is the hosted service. The decision that matters is where DeepSeek runs.
How DeepSeek handles your data
| | Hosted app / API | Self-hosted open weights |
|---|---|---|
| Where prompts go | Servers in China | Your own / EU infrastructure |
| EU adequacy decision | None | Not applicable - data stays put |
| Data processing agreement | Not offered for consumers | You control it |
| Used to improve the model | Yes (default) | No, unless you choose |
| Suitable for regulated data | No | Yes, with proper controls |
The hosted DeepSeek app (mobile and web) and the cloud API send everything to China: your text input, uploaded files, photos, chat history, plus device and network data. The policy also allows sharing data with authorities "to comply with applicable law, legal process or government requests." Deleting a chat from your account does not guarantee deletion on the servers.
The open weights are a different product entirely. Licensed for commercial use and self-hosting, they let an organisation run DeepSeek's model where the data already lives. This is the route that turns DeepSeek from a compliance problem into a normal vendor choice - though running the largest models needs serious hardware, so most teams would use a managed EU or US host of the weights.
The biggest privacy risks in DeepSeek
1. Prompts stored in a non-adequate jurisdiction
The core issue. Everything typed into the hosted app lands in China, outside the GDPR transfer framework. For client, patient, or employee data, that is an exposure no setting in the app removes.
2. Government-access risk
Chinese law can compel companies to assist state intelligence. DeepSeek's policy already commits to sharing data on "government requests." For sensitive commercial or personal data, that is a structural risk, not a hypothetical.
3. Onward transfer without consent
South Korea's data protection authority found in April 2025 that DeepSeek had transferred users' data - including prompt content - to Volcano Engine, a ByteDance affiliate, without consent or disclosure. It ordered prompt data deleted. That is a regulator-confirmed finding, not speculation.
4. The open-database exposure
In January 2025, security firm Wiz found a publicly accessible, unauthenticated DeepSeek database exposing over a million log lines, including plaintext chat history and API keys. DeepSeek secured it quickly after disclosure, but it showed the operational immaturity behind a fast-growing service.
5. The "it's just a chatbot" framing
Because DeepSeek looks and behaves like any other assistant, employees treat it like one - pasting the same sensitive context they might (still unwisely) paste into a governed tool. The interface hides the jurisdiction.
Each of these is about where the data goes, not how the model answers.
What is actually at stake: consequences
Under GDPR, sending an EU individual's personal data to China without a valid transfer mechanism is itself a breach of the rules on international transfers (Articles 44-49), before anything is ever misused. The organisation pasting the data is the controller making that transfer - so the exposure is the employer's, not only DeepSeek's.
Fines reach EUR 20 million or 4% of global annual turnover, whichever is higher. And regulators have shown they will act fast: Italy's ban took effect within two days of its concerns. Beyond the regulator, telling a client that their confidential details were stored on servers in China is a conversation few businesses want to have.
Verified incidents
January 2025 - Wiz exposes an open DeepSeek database
Wiz Research found an unauthenticated, internet-exposed ClickHouse database belonging to DeepSeek, leaking over a million log lines including chat history and secret keys. DeepSeek secured it within roughly 30 minutes of being notified. Source: Wiz Research, January 2025.
January 2025 - Italy's Garante imposes an immediate ban
Italy's data protection authority ordered an immediate, definitive limitation on the processing of Italian users' data, after finding DeepSeek's policy stored data in China contrary to GDPR security obligations. DeepSeek was removed from Italian app stores. Source: Garante / Euronews, January 2025.
April 2025 - South Korea finds unauthorised transfers
The PIPC found DeepSeek had transferred Korean users' data abroad without consent, including prompt content to a ByteDance affiliate, and ordered remediation. Source: PIPC / Korea Times, April 2025.
June 2025 - Germany refers DeepSeek to Apple and Google
Berlin's data protection authority formally reported the DeepSeek apps to Apple and Google as unlawful content under the Digital Services Act, citing unlawful data transfer to China and breach of GDPR transfer safeguards. Source: Berlin DPA / TechCrunch, June 2025.
The pattern is not a single flaw. It is a service whose default is to move your data somewhere EU law cannot follow it.
Settings that help
For the hosted app, the honest answer is that settings cannot solve a jurisdiction problem. The meaningful choices are architectural.
1. Don't put sensitive or personal data into the hosted app or API. Treat the public DeepSeek service as a place where data does not belong if it identifies a person or your business.
2. Self-host the open weights, or use an EU/US host. Run DeepSeek's openly licensed model where your data already lives, so prompts never travel. This keeps the capability and removes the transfer.
3. Opt out of model improvement and delete data. In the app, disable "Improve the model for everyone," delete chats, and email DeepSeek's privacy contact to request removal of data already used - while remembering deletion is not guaranteed server-side.
4. Block the hosted app where policy requires it. Many organisations and governments have simply blocked the hosted DeepSeek app on managed devices while allowing self-hosted use.
Verified against DeepSeek's policy and reporting current to early 2026; the policy has been revised over time, so re-check the live version.
What settings do not solve
No toggle changes the country your data is stored in. No "delete chat" guarantees the copy on the server is gone. And no setting decides what an employee types into the box.
The two risks stack: the hosted app sends data to a jurisdiction you cannot control, and a person decides how much personal data to hand it. Even a perfectly self-hosted deployment - which fixes the first risk entirely - still receives whatever the user pastes. Data minimisation does not become optional just because the server moved closer.
That is the gap between choosing where DeepSeek runs and what a person is about to put into it.
How BeeSensible helps before you send
BeeSensible checks personal data in browser text fields - including the DeepSeek prompt - as you type. Through the desktop app, detection runs entirely on the device and no text leaves the machine. For browser-only use, the extension sends the text to BeeSensible's EU detection service, where analysis runs in working memory and the text is discarded after detection. When sensitive content appears in a prompt, BeeSensible marks it inline so the user can see exactly what they are about to share - and delete it, replace it with a placeholder, or mask it before sending.