Why does it matter?
Content translated online very often contains:
- clients’ names and surnames
- email addresses and phone numbers
- contract and order numbers, national ID numbers, health data
- internal business information
Once pasted into a translator:
- the data is transferred to an external system
- the company loses direct control over it
- it is not always clear where the data is processed or for how long
A real-life example:
During an audit in a commercial company, it was discovered that customer service staff regularly pasted entire messages from international clients into publicly available translation tools, including contact details, order numbers and sometimes information about complaints related to health issues. There was no bad intent — it was purely about speed. However, after reviewing the incident, the company had to formally treat it as a personal data breach. The incident was reported to the supervisory authority, and clear internal rules for using online tools were introduced.
What can you do?
- Translate without data
Where possible, remove names, contract numbers and other identifying details before pasting the text.
- Use company-approved tools
If your organisation provides its own translation systems or AI tools, use only those.
- Ask if you are unsure
It is better to check with the DPO or IT team than to unknowingly share data externally.
- Short fragments, not full documents
Do not upload full contracts, scans or entire email threads.
Remember!
An online translator is not a “smart dictionary”. It is an external system to which you are sending content — often together with personal data.
The rule is simple: the less data you paste, the safer it is for you and the company.