How has DuckDuckGo changed its data retention policies and retention periods recently?

1. What DuckDuckGo says it changed: privacy posture and product updates

DuckDuckGo’s public-facing narrative, reflected in coverage of the 2025 updates, centers on keeping requests stateless (no user sessions or cross-device linking) and improving backend practices such as encryption and cookie management to reduce traces at the OS and network level ^{[1] [2]}. The company’s privacy page indicates a policy update in November 2025 that addresses how DuckDuckGo is “anonymously improving” its search indexes, signaling a change in how aggregate/indexing processes are described even as the site maintains its no-login, minimal-data stance ^[3].

2. Reported operational changes: tracking policy, transparency, and tooling

Third‑party reporting about 2025 describes a broader tracking-policy refresh that adds a transparency portal, a privacy dashboard in the mobile app, and plans for quarterly transparency reports that would surface interactions, search trends, and authority requests — moves billed as increasing visibility into handling of data and requests ^{[2] [5] [6]}. These reports and dashboards, if implemented as described by UMA Technology, are changes in disclosure practices rather than explicit statements of new retention durations ^{[2] [5]}.

3. Evidence of legacy issues and fixes around local storage and transmission

Critiques from outside outlets note that older DuckDuckGo browser versions could leave traces in local storage or fail to preserve HTTPS under certain network/VPN conditions until fixes were rolled out in early 2024–2025, indicating that some retention-like artifacts were addressed in recent product updates ^[7]. Those accounts illustrate why DuckDuckGo’s shift toward more explicit disclosures and in‑app dashboards would be a practical response, but the sources stop short of tying those fixes to formal, quantified retention-period changes ^[7].

4. What remains unclear: specific retention periods and legal compliance details

None of the provided materials offer a clear, auditable table of data categories plus exact retention periods (for example: logs retained X days, query hashes retained Y days) or a formal change log showing shortened or extended retention windows; the primary policy note is qualitative (an update about anonymous indexing) and industry reporting emphasizes feature and transparency shifts rather than numeric retention-policy changes ^{[3] [2]}. Because the sources lack explicit retention-period figures, it is not possible from this reporting to confirm whether DuckDuckGo shortened, lengthened, or formally codified particular retention windows and how those apply across products (search, browser, mobile app).

Conclusion: meaningful transparency steps, but numeric retention changes not documented in available reporting

The story in the reporting is one of DuckDuckGo doubling down on its stateless, no-login privacy claims while adding transparency tools and hardening technical behavior (encryption, cookies, dashboards) in 2025 — steps that reduce the chance of data persistence and make practices more visible ^{[1] [2] [5]}. However, authoritative confirmation of concrete retention-period changes (specific durations, data categories, or deleted historical holdings) is absent from the cited sources, so a definitive claim that DuckDuckGo formally changed specific retention periods cannot be supported by the provided reporting ^{[3] [2]}.