Midjourney is an AI tool for generating images and, by now, also short videos from text and image prompts.
Midjourney is an AI image generator with a web and Discord interface that translates text, reference images, and style prompts into high-quality visuals. Today, the tool covers not only classic text-to-image, but also image references, style references, Character/Omni References, moodboards, Describe functions, editor workflows, and short image-to-video animations. Particularly striking is the strong creative controllability through personalization and visual references. Important for professional use: Commercial use is generally permitted, but its suitability for data protection and enterprise use can only be rated as limited due to US-based storage, training-related concerns, and limited business administration.
Midjourney
community-funded research lab … building the most beautiful AI models in the world
Location: USA ⓘ Midjourney, Inc., Attn: Takedowns Department, 611 Gateway Blvd. Ste 120, South San Francisco, CA, 94080-7066, US.
Standard Plan: More Fast GPU time, unlimited image generation in Relax Mode, HD video possible in Fast Mode.
Pro Plan: More Fast GPU time, Stealth Mode, more simultaneous image/video prompts, Relax Mode for images and SD video.
Mega Plan: Highest official tier with maximum Fast GPU time and the highest parallelization limits within the standard plans. Other Annual Billing Annual payment with a discount compared to monthly payment.
Fast/Relax Mode Usage depends, depending on the plan, on fast GPU time and Relax Mode.
Stealth Mode Included only in Pro and Mega; is intended to keep images/videos private, but does not apply in open/shared rooms.
Target audience
Typical users are creatives, designers, illustrators, social media managers, freelancers, agencies, and private enthusiasts who want to quickly develop visual ideas. Through Character Reference, Style Reference, moodboards, and the Editor, Midjourney is particularly interesting for people who need consistent visual worlds, campaign looks, or iterative visual prototyping. However, it is less suitable for strictly regulated corporate environments.
Outstanding features
What stands out is the combination of personalization, moodboards, and reference systems, as well as the integrated Editor with Remix, Vary Region, Pan, and Zoom Out. Added to this are Describe for image-to-prompt inspiration, Draft Mode for rapid prototyping, and V8.1 Alpha with HD standard images in 2K and improved prompt adherence. This mix makes Midjourney particularly strong for style development and creative iteration.
Main use cases
Midjourney is particularly well suited for ideation, concept art, look development, story and campaign visualization, stylistic exploration, social media assets, moodboards, and character-consistent image series. In addition, it is also possible to convert an image into a short five-second video.
Usage & notes
Midjourney is used via the website or Discord. For good results, the official documentation tends to recommend short, clear prompts; references and personalization profiles also help with consistency and style fidelity. From a data privacy perspective, you should note that Midjourney stores data in the USA, Discord has its own privacy policies, and Stealth Mode is only available starting with Pro/Mega. For companies, it is also important that, according to the official Group Plan documentation, Midjourney does not offer a classic enterprise setup with SSO, seat management, or a security questionnaire process.
Hosting & Data
1) On-prem / local hosting
Meaning: The company operates the solution on its own hardware or within its own infrastructure. In the strictest sense, not only the application runs locally, but ideally the model as well.
2) Private cloud / data center
Meaning: The solution runs in a dedicated or more clearly separated cloud environment, often with a hosting provider or hyperscaler, but in a German data center or in a particularly controlled environment.
3) EU SaaS / managed
Meaning: The provider operates the solution itself as a service. The company uses the tool as a ready-made cloud service, ideally with EU data residency.
4) Hybrid
Meaning: One part of the processing remains internal / local / in a private cloud, while another part runs in an external cloud or EU SaaS.
5) AVV / DPA
Meaning: This is the data processing agreement or Data Processing Addendum. It governs that the provider processes personal data on behalf of the customer and is bound by the customer's instructions.
6) No training
Meaning: The provider does not use your prompts, uploads, attachments, chat histories, or outputs for training or improving the general model — ideally excluded by contract.
7) Open-source / transparency path
Meaning: There is a path toward greater technical transparency and sovereignty, for example through:
- open models
- documented components
- self-hostable parts
- traceable architecture
- export / switching options
| On-prem / local hosting | ❓ |
| Private cloud / data center | ❓ |
| EU SaaS / Managed | ❓ |
| Hybrid | ❓ |
| DPA / AVV | ❓ |
| No training on customer data | ❓ |
| Open source / transparency path | ❓ |
On-prem / local hosting: indirect / not available
An on-premises or local hosting option is not listed on the website.
Private Cloud / Data Center: Unclear
A dedicated private cloud, enterprise data center, or isolated EU/EEA environment is not specified on the website.
EU SaaS / Managed: Indirect / Not available
A SaaS service is available, but the website states that personal data processed by Midjourney is stored in the U.S.; EU data residency is not specified on the website.
Hybrid: Indirect / Not Available
A hybrid operating model with partial internal, on-premises, or private cloud processing is not specified on the website.
AVV / DPA: unclear
A DPA is not specified on the website.
No training: indirect / not available
The website states that the privacy policy also covers data collected during the training of Midjourney’s algorithms, and the training documentation cites data from Midjourney users as a training source. An opt-out option for general model training is not specified on the website.
Open Source / Transparency Path: Indirect / Not Available
Open-source components, open models, self-hostable parts, or a documented transparency path are not specified on the website.
Data Processing
The website describes Midjourney as a hosted service available via the website and Discord. The privacy policy lists prompts, images, videos, documents, messages, IP addresses, usage data, contact information, and organizational data as the types of data processed. The Privacy FAQ states that the personal data processed by Midjourney is stored on servers in the United States. For EEA/EU-related transfers, Midjourney refers to standard contractual clauses and additional safeguards; specific EU/EEA data centers, lists of subprocessors, or data residency options are not specified on the website.
Conclusion
For users in Europe, Midjourney is, according to the documentation available on the website, only partially compliant with data protection laws and cannot be clearly demonstrated to be GDPR-compliant. The decisive factors are the explicitly stated storage in the U.S., the lack of information on EU data residency, the absence of information on the ATO/DPA on the website, and the lack of details regarding subprocessors and training opt-out. As a result, the documentation is, on the whole, insufficient for a robust EU/EEA compliance assessment.
Sources
- https://docs.midjourney.com/hc/en-us/articles/32083472637453-Privacy-Policy
- https://docs.midjourney.com/hc/en-us/articles/32084462534541-Data-Deletion-and-Privacy-FAQ
- https://docs.midjourney.com/hc/en-us/articles/42829949256205-AB2013-Documentation
- https://docs.midjourney.com/hc/en-us/articles/28014645615373-Keeping-Your-Creations-Private
| On-prem / local hosting | ❓ |
| Private cloud / data center | ❓ |
| EU SaaS / Managed | ❓ |
| Hybrid | ❓ |
| DPA / AVV | ❓ |
| No training on customer data | ❓ |
| Open source / transparency path | ❓ |
On-prem / local hosting: indirect / not available
An on-premises or local hosting option is not listed on the website.
Private Cloud / Data Center: Unclear
A dedicated private cloud, enterprise data center, or isolated EU/EEA environment is not specified on the website.
EU SaaS / Managed: Indirect / Not available
A SaaS service is available, but the website states that personal data processed by Midjourney is stored in the U.S.; EU data residency is not specified on the website.
Hybrid: Indirect / Not Available
A hybrid operating model with partial internal, on-premises, or private cloud processing is not specified on the website.
AVV / DPA: unclear
A DPA is not specified on the website.
No training: indirect / not available
The website states that the privacy policy also covers data collected during the training of Midjourney’s algorithms, and the training documentation cites data from Midjourney users as a training source. An opt-out option for general model training is not specified on the website.
Open Source / Transparency Path: Indirect / Not Available
Open-source components, open models, self-hostable parts, or a documented transparency path are not specified on the website.
Data Processing
The website describes Midjourney as a hosted service available via the website and Discord. The privacy policy lists prompts, images, videos, documents, messages, IP addresses, usage data, contact information, and organizational data as the types of data processed. The Privacy FAQ states that the personal data processed by Midjourney is stored on servers in the United States. For EEA/EU-related transfers, Midjourney refers to standard contractual clauses and additional safeguards; specific EU/EEA data centers, lists of subprocessors, or data residency options are not specified on the website.
Conclusion
For users in Europe, Midjourney is, according to the documentation available on the website, only partially compliant with data protection laws and cannot be clearly demonstrated to be GDPR-compliant. The decisive factors are the explicitly stated storage in the U.S., the lack of information on EU data residency, the absence of information on the ATO/DPA on the website, and the lack of details regarding subprocessors and training opt-out. As a result, the documentation is, on the whole, insufficient for a robust EU/EEA compliance assessment.
Sources
- https://docs.midjourney.com/hc/en-us/articles/32083472637453-Privacy-Policy
- https://docs.midjourney.com/hc/en-us/articles/32084462534541-Data-Deletion-and-Privacy-FAQ
- https://docs.midjourney.com/hc/en-us/articles/42829949256205-AB2013-Documentation
- https://docs.midjourney.com/hc/en-us/articles/28014645615373-Keeping-Your-Creations-Private
Strengths & weaknesses at a glance
| Strengths | Weaknesses |
|---|---|
| • Very strong image aesthetics and high-quality visual results | • No free version for Discord or midjourney.com |
| • Web interface plus Discord workflow | • Stealth Mode only in higher-tier plans |
| • Editor for inpainting, pan, zoom out, and remix | • No regular public API; automation and third-party apps are not allowed according to the Community Guidelines |
| • Video generation from starting images | • Open community by default: content can be public/remixable, except when using Stealth and in appropriate contexts |
| • Personalization, moodboards, style references, and Style Creator for recurring visual looks | • GDPR assessment is difficult for companies: US provider, international transfers, third parties, and no publicly discoverable AVV/DPA |
| • Commercial use generally possible, with special rules for very large companies | • No SSO, no seat/admin management, and no negotiation of individual terms for organizations according to the official group plan page |
Reviews
0 reviews in total
There are no confirmed reviews for this tool yet.
Submit review
Your review will only become visible after email confirmation. This protects the portal against abuse.
Report review
Please select the reason why this review should be checked.
GDPR-compliant usage possible?
The information documented on the website does not demonstrate full GDPR compliance for users in the EU/EEA. On a positive note, Midjourney addresses EEA/EU-related issues in its privacy policy and specifies standard contractual clauses for data transfers. At the same time, the website explicitly states that the personal data processed by Midjourney is stored on servers in the United States. The website does not specify an EU data residency, EU/EEA data centers, a Data Processing Agreement (DPA), subprocessors, or an on-premises/self-hosting option. Additionally, the website states that data generated from the use of the service may be used to train the models.
Positive
Privacy policy available; separate notices for the EEA/EU, Switzerland, and the UK are provided; Standard Contractual Clauses for transfers from the EEA/EU context are mentioned; deletion of accounts and data is described; non-essential cookies are to be used only with explicit consent.
Negative
The website states that personal data is stored on Midjourney servers in the U.S. The website does not specify an EU data residency or an EU/EEA hosting option. A Data Processing Agreement (DPA) is not mentioned on the website. Subprocessors are not listed on the website. The privacy policy and training documentation explicitly state that data generated from the use of the service and user data may be relevant for training or for training machine learning algorithms; an opt-out option for general model training is not provided on the website. On-premises, self-hosting, or private cloud options are not listed on the website.
Server Location
As stated on the website: personal data processed by Midjourney is stored on Midjourney servers in the United States. EU/EEA server locations or EU data residency are not specified on the website.