Is DeepSeek safe? What happens to your data when you use it
DeepSeek collects many of the same types of data as other chatbots, including prompts, device data, and usage information. One notable difference is that DeepSeek’s hosted service operates under Chinese legal and regulatory frameworks, which differ from those of providers operating in other jurisdictions.
What that means in practice depends on how you use the platform and the type of information you share.
This guide looks at DeepSeek’s data practices, privacy and security considerations, and publicly reported findings. We also explain how cloud and local use differ and what you can do to protect your data.
What is DeepSeek?
DeepSeek is an AI chatbot developed by DeepSeek AI, a startup based in Hangzhou, China. It’s free to use and works like most other AI chatbots. You enter a prompt, and the system generates a text response. It can draft content, write code, translate text, and answer questions. DeepSeek is available as a web app and as mobile apps for iOS and Android.
Its models are also open weight, meaning the trained model files are publicly available. These can be downloaded and run locally on your own hardware instead of using DeepSeek's hosted service.
Is DeepSeek safe to use?
That answer depends on how you use it and what you choose to share with it.
When DeepSeek is low risk
If you're using DeepSeek for general tasks, like brainstorming ideas, the privacy considerations are similar to those of many other AI chatbots. You're sharing data with a company, and that data is processed and stored by the provider according to its policies.
When more caution may be appropriate
Consider using additional caution when you're using DeepSeek's web or mobile apps with information you wouldn't want shared with a third party, such as personal details, financial data, or anything that could identify you or expose sensitive information.
If you're handling work-related or client data, using it could create compliance, confidentiality, or data-handling concerns.
How does DeepSeek collect and use your data?
DeepSeek’s privacy policy outlines the data it collects and how it’s used.
What data you share in prompts
According to its privacy policy, the AI chatbot collects the content users submit. This includes text prompts, uploaded files, voice inputs, feedback, and chat history. The policy lists training and improving its models as one of the purposes for which this data is used. That said, users may be able to opt out of having their data used for training, depending on their location and applicable data protection laws.
Device, usage, and IP address collection
DeepSeek collects technical information automatically. This includes device model, operating system, IP address, device identifiers, system language, and usage logs. The company assigns device and user IDs to track activity across sessions and devices.
Third-party data sources
The privacy policy states that DeepSeek may receive data from other sources. These include third-party login services such as Apple or Google, security partners that help detect fraud and abuse, and publicly available data used to train its models.
Data sharing beyond DeepSeek
DeepSeek shares user data with service providers for functions such as analytics, search, and safety monitoring. It also shares data within its corporate group for purposes including storage, research, and model training. The policy states that data may also be shared with law enforcement or in connection with corporate transactions such as mergers or acquisitions.
Data retention
DeepSeek’s privacy policy states that it keeps user data “for as long as necessary” to provide the service. Its Terms of Use add that even after account deletion, the company may retain certain data as required by laws and regulations. No maximum retention period is specified.
DeepSeek chat vs. local models: What changes for privacy?
The main difference is where your data is processed and which laws apply.
Cloud-based use and data exposure
As with other hosted AI services, when you use DeepSeek through its website or mobile apps, your data is processed on the company's servers and handled according to its privacy policy and the legal framework governing its operations.
Related: ChatGPT vs. DeepSeek: Which is better for privacy?
Running DeepSeek locally
Running DeepSeek locally means the model processes data on your own device. In this setup, you’re not using DeepSeek’s hosted service, so its data collection practices don’t apply to your prompts.
The trade-off is that local models require capable hardware, can be slower on consumer devices, and don't have access to real-time information. Smaller distilled versions of the model are available for less powerful hardware, though they offer reduced capability compared to the full model.
It’s important to note that if you connect a local model to third-party tools, cloud APIs, or external search services, those providers may still collect or process data according to their own policies.
If you can’t run DeepSeek locally, it’s worth considering a platform that uses DeepSeek’s model with different deployment or data-handling approaches.
Learn more: Read about ExpressVPN’s private-by-design ExpressAI
Security findings and reported incidents
Independent security analyses and a reported data exposure incident have identified security findings involving some DeepSeek products and infrastructure.
DeepSeek’s cybersecurity risks
In February 2025, mobile security firm NowSecure reported that the DeepSeek iOS app had Apple’s App Transport Security (ATS) disabled. ATS is designed to prevent apps from sending data without encryption. With it disabled, some registration and device data were sent without encryption, meaning it could be visible to someone on the same network, such as public Wi-Fi.
The analysis also found the app used Triple Data Encryption Standard (3DES), an older encryption method that’s no longer recommended for securing modern applications, and included hardcoded encryption keys. Hardcoded keys are built into the app and shared across users, which can make intercepted data easier to decrypt.
SecurityScorecard reported similar issues in its analysis of the Android app, including hardcoded encryption keys and a Structured Query Language (SQL) injection vulnerability. SQL injection is a flaw that can allow unauthorized access to backend databases if exploited.
Database exposure incident
In 2025, security firm Wiz Research found a publicly accessible DeepSeek database with no authentication or access controls. The database contained plaintext chat histories, API keys, and internal system data.
Because it wasn’t protected, the data could have been accessed, modified, or downloaded by anyone who discovered it. Wiz reported the issue to DeepSeek, and the company secured the database shortly after.
Model limitations and content filtering
Like other large language models, DeepSeek can produce incorrect or fabricated information. These errors are often referred to as hallucinations and are a known limitation of AI systems.
Like many large language models (LLMs), DeepSeek may also apply content restrictions to certain topics. Prompts related to politically sensitive issues can trigger refusals or limited responses. This behavior can vary depending on the model version and how it is deployed.
Regulatory actions and organizational restrictions
DeepSeek has faced regulatory reviews and usage restrictions in some jurisdictions and organizations. Concerns raised publicly have included data handling, storage practices, and compliance with local privacy and data protection requirements.
For example, Italy’s Data Protection Authority (Garante) ordered DeepSeek to block certain data processing activities in early 2025, citing concerns about information provided regarding its data practices. South Korea temporarily suspended downloads of the app after DeepSeek stated it hadn’t fully complied with local data protection requirements.
Some organizations, including private companies, have also restricted employee access as part of internal data security and governance policies.
How to protect your data when using AI tools like DeepSeek
How you use an AI tool affects what data is collected and how it’s handled. How private or secure DeepSeek is in practice depends on how you use it, which version you use, and where your data is processed. These steps can help limit what’s shared and reduce exposure.
1. Think before you type
Prompts entered into AI chatbots may be logged, stored, and used to improve models or services. Avoid sharing sensitive information such as passwords, financial details, personal identifiers, health data, or confidential work content.
2. Use a VPN to mask your digital footprint
A virtual private network (VPN) encrypts your internet traffic and routes it through a different server, which replaces your IP address with that of the VPN. DeepSeek’s privacy policy states that it collects IP addresses and uses them to determine approximate location.
Using a VPN makes it harder to link your activity to your IP-based location.
3. Choose local use when possible
Using locally hosted models keeps prompts on your device instead of sending them to a hosted service. This depends on having compatible hardware, and not all devices can run larger models.
4. Adjust data collection settings where available
Some AI tools offer controls to manage how data is stored or used. These may include disabling chat history or opting out of model training. Availability varies by platform.
5. Verify important information
AI-generated responses can be incomplete or inaccurate. DeepSeek may also filter responses on certain topics, which can affect the completeness of its output. Confirm important details using reliable sources before acting on them.
6. Consider privacy-focused AI tools for sensitive tasks
Some providers offer privacy-focused configurations, such as local deployment, confidential computing, or limited data retention policies. One example is ExpressVPN’s ExpressAI, which runs open-weight models inside confidential computing enclaves, where prompts are encrypted and isolated from the underlying system.
If you choose to save conversations, they're protected with zero-access encryption, designed so only you can read them. Ghost Mode auto-deletes conversations when you're done.
FAQ: Common questions on DeepSeek safety
Is DeepSeek safe for work use?
Is DeepSeek safe for personal use?
Does DeepSeek store your prompts?
Is DeepSeek safer if you run it locally?
Can you delete your data from DeepSeek?
What should you never share with DeepSeek?
Take the first step to protect yourself online. Try ExpressVPN risk-free.
Get ExpressVPN
Comments
I have a suspicion that they spent more than $6 million. If it was made in China they may not be disclosing how much the Chinese government put into deepseek AI. I think that is just a propaganda number. If it is accruing people's financial data as well the Chinese could use it to cripple the west.
If find it weird how most blogposts about DeepSeek are only talking about the DeepSeek service and don't mention anything about the models being open source. Meaning anyone can download them and run them locally or use them via a 3rd party. If you run them locally (obv you need the hardware capable of that) your data isn't going to china. If you use deepseek via a 3rd party hosting company, your data isn't going to china. By not mentioning this, it makes the blogpost feel like it's "please our western ai services instead please"