Is DeepSeek Safe? What It Does With Your Data
DeepSeek collects your prompts, files and device data, and stores them on servers in China, under Chinese jurisdiction. What really matters, and the fix.
DeepSeek can be useful, but the answer to “is it safe?” rests less on the app's technical robustness than on two facts in its privacy policy: the tool collects a wide range of user data and stores it on servers located in the People's Republic of China, placing that data under Chinese jurisdiction. For sensitive information, that's the deciding factor. The only certain protection isn't a setting — it's never entrusting the real data to the tool in the first place.
What DeepSeek actually collects
DeepSeek's privacy policy explicitly states it collects the content you provide: text input, voice input, prompts, uploaded files and photos, feedback and chat history. So anything you paste or type into the tool can be collected. On top of that come account data (username, email, phone number, password, date of birth) and technical device data: IP address, device identifiers and model, operating system, system language — and, per the reading relayed by security analyses such as Proton's, keystroke patterns.
Jurisdiction, training and government access
Beyond collection, the policy provides for using data to “train and improve” DeepSeek's technology, including its models and algorithms. An opt-out from this use is mentioned — which implies that, absent action on your part, your inputs can be used to improve the models. Retention runs “for as long as necessary,” with no fixed duration. The policy also provides for sharing data with public authorities and law enforcement when the company deems it necessary to comply with applicable law; combined with storage in China, this raises the question of government access, with several analyses (including the IAPP and Proton) pointing to China's 2017 National Intelligence Law, which can compel Chinese companies to cooperate with the authorities.
- Content collected: text, voice, prompts, uploaded files and photos, chat history.
- Storage: servers in the People's Republic of China, hence under Chinese law.
- Use: model training by default unless you opt out; retention “for as long as necessary.”
- Possible sharing with public authorities and law enforcement at the company's discretion.
Why so many governments restricted DeepSeek
Because of these concerns, many governments restricted DeepSeek on official devices. Italy was the first country to block the app, in late January 2025, followed by restrictions on government devices in Australia, Taiwan and South Korea — most citing security concerns and a lack of clarity on how personal data is handled. In the United States, several states banned the tool from government devices: Texas first (January 31, 2025), then New York (February 10) and Virginia (February 11), joined by others. At the federal level, a bipartisan bill, the No DeepSeek on Government Devices Act (H.R.1121, 119th Congress), would ban it on federal employees' devices.
| You assume | The reality |
|---|---|
| “It's just another IDE assistant” | Its policy stores your data in China, under Chinese law |
| “My prompts stay private” | Text, files and history are collected, and feed training unless you opt out |
| “If it were risky, it'd be banned” | Several countries and US states already banned it from official devices |
| “Open-source weights change everything” | Bans target the online service, where prompts travel to China |
The fix: anonymize before sending
The practical upshot: DeepSeek's safety depends less on the app's robustness than on the jurisdiction of storage and how inputs are used. The concrete fix is therefore not to tick a setting but to control the content: never paste raw sensitive data. Note too that the issue targets use of the online service — the official app and web, where prompts travel to servers in China — far more than open-source weights run locally.
- 1Spot the sensitive data before sending: names, emails, phone numbers, API keys, financial or medical information.
- 2Replace each value with a reversible token, and send only the anonymized prompt.
- 3Restore the real values in the response, locally — the tool never received the real data.
That's exactly what ONYRI Sanitize is for: the engine replaces sensitive data with reversible tokens before sending; detection and the mapping stay in your browser, and only anonymized text reaches the tool. Whether DeepSeek stores the conversation in China or uses it for training, it only finds tokens — not your real information.
Frequently asked questions
- Is DeepSeek safe for sensitive data?
- Not as-is: its privacy policy states it collects your prompts, files and device data, and stores them on servers in the People's Republic of China, under Chinese jurisdiction. For sensitive data, it's best never to send it in the clear — anonymize it before sending.
- Where does DeepSeek store my data, and why does it matter?
- DeepSeek says it collects, processes and stores personal data directly in China. The storage location determines the governing law: not the user's, but Chinese law, which can compel companies to cooperate with the authorities. That point, more than the tech, drives the risk.
- How do I use DeepSeek without exposing my data?
- Never paste raw sensitive data: anonymize the prompt before sending, then restore the values in the response. An engine replaces names, emails and API keys with reversible tokens in the browser, so DeepSeek never receives the real information.
Sources & references
- DeepSeek's official privacy policy (data collected, storage in the PRC, use for training, sharing with authorities) — DeepSeek
- Which countries have banned DeepSeek and why (Italy, Australia, Taiwan, South Korea; data storage in China) — Al Jazeera
- The US states that have banned DeepSeek from government devices (Texas, New York, Virginia and dates) — StateTech Magazine
Keep your sensitive data in your browser
ONYRI Sanitize detects and masks your sensitive data before it reaches the AI, then restores the answer — from names to API keys.
Anonymize my prompt