Security at TranslateSheet
Your data privacy and security are foundational to everything we build. Here's how we protect your information.
Encryption in Transit
All data is encrypted using TLS 1.3 during transmission. We never transmit sensitive data over unencrypted connections.
Secure Infrastructure
Hosted on Google Cloud Platform (Cloud Run) with enterprise-grade security, automatic scaling, and isolated execution environments.
No Data Retention
We don't store your translated content. Text is processed in real-time and immediately discarded after translation.
GDPR Compliant
Fully compliant with EU General Data Protection Regulation. Your rights to access, delete, and control your data are protected.
EU Data Processing
All translation processing happens within European data centers. Your content never leaves GDPR-protected regions.
SOC 2 Partners
DeepL (our translation provider) maintains SOC 2 Type II certification. GCP infrastructure is SOC 2, ISO 27001 certified.
Responsible Disclosure
We take security vulnerabilities seriously and appreciate the security research community's efforts in helping us maintain a secure platform.
If you discover a security vulnerability, please report it to us privately. We're committed to working with researchers to verify and address any potential issues.
Report a Vulnerability
security@translatesheet.comPlease include as much detail as possible, including steps to reproduce.
Our Response Commitment
Within 48 hours
Initial acknowledgment of your report
Within 7 days
Assessment and severity classification completed
7-14 days
Fix deployed (depending on severity and complexity)
After resolution
Credit given to reporter (if desired) and disclosure coordination
How We Handle Your Data
Transparency is key. Here's exactly what happens when you use TranslateSheet.
Data Type
Text Translation
What
Text you select for translation
How Processed
Sent securely to our backend, forwarded to DeepL API, response returned to you
Retention
Never stored. Processed in real-time only.
Data Type
Authentication
What
Google OAuth credentials
How Processed
Handled via Google's secure OAuth 2.0 flow. We never see your Google password.
Retention
Session tokens stored securely. You can revoke access anytime via Google.
Data Type
Glossaries
What
Custom terminology you create
How Processed
Stored encrypted in our database to persist across sessions
Retention
Retained until you delete them. You have full control.
Data Type
Usage Metrics
What
Character counts, feature usage
How Processed
Used to enforce plan limits and improve our product
Retention
Aggregated and anonymized for analytics. No content stored.
Compliance & Certifications
Our infrastructure and partners maintain industry-leading security standards.
GDPR
CompliantFull compliance with EU data protection regulations
SOC 2 Type II
Partners CertifiedDeepL and GCP infrastructure certification
ISO 27001
InfrastructureGoogle Cloud Platform certification
TLS 1.3
EnforcedLatest encryption standard for data in transit