How can I view, download, or delete my personal data from Discord (GDPR/CCPA)?
Executive summary
Discord provides built‑in tools to request a copy of personal data from the Data & Privacy section of User Settings and processes data requests within 30 days [1] [2]. California residents have CCPA-style rights and can contact Discord’s privacy team or use the local‑laws page for CCPA-specific opt‑out and deletion requests, though regulators have previously found gaps in Discord’s GDPR compliance [3] [4] [5].
1. Where to request a copy: the Data & Privacy setting and what to expect
A user seeking to view or download personal data should open Discord’s User Settings, go to Data & Privacy, and submit a “Request a copy of your data” — Discord says data packets are delivered in common formats such as JSON and attachments in their original formats, and typical processing time is up to 30 days [1] [2].
2. Identity verification and account prerequisites before a request will be honored
Discord requires that accounts be verified with an email address before a data request is processed, and the company takes “reasonable steps to verify your identity” when responding to requests under local privacy laws, a precaution especially noted for CCPA and similar regimes [2] [3].
3. How deletion requests work under CCPA/GDPR and the “right to be forgotten” tension
For California residents, Discord describes rights to request deletion of personal information and promises not to discriminate for exercising CCPA rights; EU users can invoke GDPR deletion rights, but community reports and regulator findings have highlighted friction: some users report lengthy or complicated deletion workflows, and France’s CNIL fined Discord for several GDPR failures, underlining that deletion and retention practices have been subject to regulatory scrutiny [4] [3] [6] [5].
4. Practical deletion steps and caveats drawn from Discord’s public guidance
Discord’s privacy documentation and help center instruct users to use account settings or support channels to delete accounts and to request data deletion or portability, but Discord also states it retains information while an account is active and may have retention windows for inactive accounts — CNIL’s probe led Discord to adopt a written retention policy and to address account inactivity retention periods [1] [5].
5. Where to send CCPA/GDPR‑specific or escalation requests
Discord’s Local Privacy Laws page directs California residents and others to privacy@discord.com for rights requests and clarifies the company’s stance that it does not “sell” personal data as defined under CCPA, while also noting it will verify identity before fulfilling requests [3]. Users seeking further help can consult Discord’s dedicated Support article “Requesting a Copy of your Data” for step‑by‑step instructions [2].
6. Pitfalls, disputes, and enforcement: users should expect friction sometimes
Public community complaints allege difficulties exercising Article 17 (right to be forgotten) and long timelines or re‑requests for additional identity details, and regulatory action such as the CNIL decision indicates that Discord’s policies and practices have not always met GDPR expectations, so individuals may need to escalate to local data protection authorities if requests stall [6] [5].
7. Quick checklist for action
Before requesting data or deletion, ensure the account email is verified, use the Data & Privacy → Request a copy flow for downloads (expect up to 30 days), send CCPA/GDPR‑specific notices to privacy@discord.com or use the help center deletion processes, and be prepared to verify identity; if the company’s response appears non‑compliant, regulators like CNIL have previously intervened [2] [1] [3] [5].