Travel Translator Privacy: What Cloud Apps Actually Upload

Why this matters more than people think

When you use a cloud translation app abroad, you are not just translating text. You are giving a foreign company a continuous record of what you are reading, who you are talking to, and where you are. Most of the time this is harmless. The exceptions — a hospital discharge note, a lawyer’s memo, a personal medical question — are exactly the moments you most want to translate something quickly.

This article looks at what three popular travel translation apps actually say in their privacy policies, what that means in practice, and how running on-device sidesteps the whole problem. It is not a hit piece — the apps do useful work — but it is a reminder that “free” translation is paid for in data.

What “uploaded” actually means

Before the comparison, two definitions worth nailing down:

• Uploaded = leaves your phone, gets transmitted over the network, and arrives at the company’s server. Whether they keep it after the translation is a separate question.
• Logged = stored on the company’s servers in some form, even if pseudonymized. This is what governs whether someone with a subpoena could later retrieve it.

Cloud translators have to upload the source text in order to translate it — that is unavoidable. The interesting question is what happens after the translation: how long is it kept, who can access it, and what is it used for.

What three popular apps disclose

This is a summary based on each company’s own publicly published privacy policy as of 2026. Read each policy directly; the links go to the source.

Google Translate

Google explicitly publishes a sweeping privacy policy that covers Translate as part of the broader Google ecosystem. The relevant points for a translation user:

• Text, voice, and photo input are sent to Google servers for processing.
• Your translations are tied to your Google Account if you are signed in.
• Google states it uses input “to improve our services” — including model training, with various opt-out controls in your Google Account.
• Retention varies by account setting; some logs persist by default until you actively delete them.

The honest reading: if you are signed into Google on your phone, your translation history can be combined with your search history, your map history, and your YouTube history. That is not necessarily bad — but it is one identity profile, not four siloed ones.

DeepL

DeepL maintains a public privacy policy that emphasizes EU GDPR alignment. For their free tier:

• Source text is uploaded for translation.
• DeepL states free-tier text “may be used” to improve their models and is not retained beyond the time needed for the operation, but their policy distinguishes free tier from Pro tier (with stronger guarantees).
• They do not require an account for the free tier.

The honest reading: DeepL is in a stronger regulatory environment (EU) than most US-based competitors, and the Pro tier has explicit non-retention guarantees. The free tier is closer to “trust the policy” than “no upload happens.”

iTranslate

iTranslate publishes a privacy notice that, like most freemium apps, mixes core translation processing with analytics SDKs. Relevant points:

• Translation input is processed via cloud APIs.
• Third-party analytics SDKs (varies over time, common examples include Firebase, AppsFlyer, advertising IDs) are integrated unless disabled.
• An account is required for some features.

The honest reading: the translation itself is the smaller privacy issue compared to the analytics surface area. A SaaS-style freemium translator on your phone is harvesting metadata about app usage, not just the translations themselves.

The pattern that emerges

Look at the three above and a clear pattern shows up. Every cloud translator has to choose between three kinds of cost:

1. Charge a real subscription so the company does not need data to monetize.
2. Take the data to monetize ads or model training.
3. Operate at a loss until the funding runs out.

Most “free” translation apps land on (2). It is not necessarily evil — this is the deal you implicitly accept when you tap “Free Download” — but it is the deal. If the math feels uncomfortable, the alternative is to either pay (1) or move the work off the cloud entirely.

What “on-device” changes about this picture

Cove Travel runs the model on your phone using Google Gemma 4 E2B. Concretely:

• Source text, photos, and voice never leave your phone.
• There is no Cove server logging anything because there is no Cove server in the translation loop at all.
• We collect no per-translation telemetry. The website uses cookieless Cloudflare Analytics; the apps themselves report only crash logs (with no payload data).
• Uninstalling Cove deletes the model and all your translation history in one step.

The trade-off, stated honestly: the on-device model is a few percent less accurate on rare or specialized vocabulary than a cloud-scale model. For travel translation that rarely matters; for translating a long legal document it can. Pick the tool to fit the stakes.

A practical privacy checklist for travel

Before you fly, take ten minutes and:

• Open each translation app on your phone and read its privacy policy page directly. Most have a one-page summary.
• Check what the app’s permissions list looks like: camera, microphone, location, contacts. The smaller the list, the smaller the risk surface.
• For sensitive content (medical notes, legal text, anything tied to a specific identifiable person), strongly prefer on-device.
• For everyday menu and signage translation, cloud is fine — the value is high and the privacy stakes are low.
• If you must use a cloud app for sensitive content, sign out of any account beforehand, turn off “improve our services” toggles, and delete the history afterwards.

That last step is awkward but it is the version of the deal that does not depend on trust.

Where to read further

• Why on-device AI beats cloud for travel expands the latency / reliability case alongside the privacy one.
• How on-device AI actually works explains the engineering that makes the on-device approach viable.
• Cove Travel is our shipping example of the on-device approach.

The privacy tradeoff is a real one, but it is not a binary choice. Different translations have different stakes. The point of this article is to make the deal you are accepting visible — so you can match the tool to the moment.