DeepSeek
Chinese LLM vendor offering DeepSeek V3 and R1 reasoning models via chat, mobile app and API. Low-cost frontier capability but stores user data on servers in the People's Republic of China.
Independent assessment across data handling, compliance, security and transparency.
Overview
DeepSeek is a Hangzhou-based AI lab that released the DeepSeek V3 and R1 reasoning models at roughly one-tenth the price of US frontier models ($0.27-$0.50 per million tokens). It is accessible through chat.deepseek.com, iOS and Android apps, and the api-docs.deepseek.com developer platform. DeepSeek's privacy policy explicitly states that personal data is collected, processed and stored in the People's Republic of China. Under China's 2017 National Intelligence Law and Data Security Law, authorities can compel access to that data, and research by Feroot Security in 2025 identified code paths transmitting data to CMPassport.com (China Mobile). The service has been banned for government use in the United States, Italy, South Korea, Australia, Taiwan, India, and multiple EU member states, and is under EDPB AI Enforcement Task Force review.
Risk factors
3- Stores user data on servers in the People's Republic of China.
- Default training on user data with no opt-out.
- Weak privacy policy and potential data exfiltration risks.
Recommendations
8- Block chat.deepseek.com, api-docs.deepseek.com, and mobile-app telemetry at the egress
- Remove DeepSeek iOS and Android apps via MDM policy across managed devices
- Add DeepSeek to the organization's explicit AI denylist and security-awareness training
- Prohibit any submission of customer data, PII, source code, or trade secrets to DeepSeek
- Screen data-residency and export-control posture before evaluating any Chinese AI vendor
- If model evaluation is required, use offline weights on isolated infrastructure only
- Monitor regulatory guidance from your jurisdiction's data-protection authority
- Extend prohibition to open-router and third-party gateways that proxy DeepSeek
Data handling
- Storage
- Personal data collected, processed and stored on servers in the People's Republic of China. Subject to Chinese National Intelligence and Data Security Laws.
- Retention
- Retained as long as necessary to provide services; indefinite while account exists; longer for legal and business interests.
- Training on inputs
- User chat inputs are used to train and improve DeepSeek models by default. EEA, UK and Switzerland users can opt out; other jurisdictions cannot.
More Chatbots tools
See all →AI21 Jurassic
Large language model chat and text generation by AI21 Labs.
ARC Search
AI-enhanced mobile browser with smart page summarization.
Abacus AI
Enterprise AI platform for building custom LLM-powered applications.
Ada AI
AI-powered customer service automation platform.
Andi Search
AI-powered search engine that provides direct conversational answers.
Anyscale
Scalable AI compute platform for deploying and serving LLMs.