This post concerns Google AI Studio directly, including its data retention behavior, deletion inconsistencies, cross‑tenant exposure, and Google’s own written acknowledgment that they received my GDPR request and will respond.
Moderators are requested NOT to remove or hide this post, as it is directly related to AI Studio functionality, user data handling, and an ongoing GDPR process.

I am publishing the full evidence package here because the issues originate inside Google AI Studio, including:

• deleted AI Studio chats remaining accessible for 32+ days

• AI Studio content appearing under multiple tenants

• AI Studio “deleted” items still being processed by backend systems

• Google’s confirmation email (“we received your request and will respond”)

• the full GDPR notice sent to Google and the Data Protection Commission

• all attachments, timestamps, and screenshots

Immutable public archive (timestamped):

This material is part of the official evidentiary record and directly concerns AI Studio’s data handling.

Ez a bejegyzés közvetlenül a Google AI Studióról szól, beleértve az adatmegőrzési viselkedést, a törlési ellentmondásokat, a cross‑tenant megjelenést, valamint a Google saját írásos visszaigazolását arról, hogy megkapták a GDPR‑kérelmet és válaszolni fognak.
Kérem a moderátorokat, hogy NE töröljék és NE rejtsék el a posztot, mivel ez közvetlenül érinti az AI Studio működését, adatkezelését és egy folyamatban lévő GDPR‑eljárást.

A teljes bizonyítéki csomagot azért teszem közzé, mert a problémák magából az AI Studióból erednek, többek között:

• törölt AI Studio chatek 32+ napig továbbra is elérhetők

• AI Studio tartalom több tenant alatt is megjelenik

• „törölt" AI Studio elemek továbbra is feldolgozás alatt állnak a backendben

• a Google visszaigazoló levele („megkaptuk a kérelmét és válaszolni fogunk")

• a Google‑nak és a DPC‑nek küldött teljes GDPR‑értesítés

• minden melléklet, időbélyeg és képernyőkép

Időbélyegzett, megváltoztathatatlan archívum:

Ez az anyag a hivatalos bizonyítéki iratanyag része, és közvetlenül érinti az AI Studio adatkezelését.

If this post is removed, this link serves as the permanent, timestamped evidence of its content.
Moderators have no right to delete GDPR‑relevant material that documents AI Studio data‑handling issues:

Ha ezt a bejegyzést törölnék, ez a link tartalmazza a poszt teljes, időbélyegzett bizonyítékát. A moderátoroknak nincs joguk GDPR‑releváns, AI Studio adatkezelési hibákat dokumentáló anyagot törölni

The Shared Backend Paradox:

My logical conclusion is that the consumer‑facing Gemini (Gemini Apps) and the developer‑facing AI Studio run on the same backend.
Google’s consumer Terms of Service promise that user data is ‘securely and fully deleted from storage systems.’
But since I have demonstrated that the backend (AI Studio) is technically incapable of performing actual deletion, the deletion promise made to Gemini consumers is a technical impossibility — which means it constitutes intentional consumer deception.

The illusion‑based ‘Deletion’ (Fake Deletion / Soft‑delete):
I have proven (with videos and direct URL tests) that the ‘Delete’ button in AI Studio only removes the chat from the user interface. In the backend the chat remains active for weeks as a ‘ghost session’, the system continues to tokenize it, and the model keeps responding to it. In other words, Google creates the appearance of deletion while the data processing continues uninterrupted in the background.

The most critical issue: Cross‑Tenant data leakage, which is my most severe technical evidence.
I documented that a prompt you had already ‘deleted’ was re‑indexed by the backend weeks later and then assigned to a completely different, independent user account (Account B).
This is a tenant‑mapping collapse.
In cloud services (especially in AI systems), cross‑tenant data leakage is the most severe security incident imaginable, because it means the system has lost control over data isolation.

These issues constitute serious GDPR violations.
Google’s Data Protection Officer (DPO) and legal department have been ignoring my registered letters with return receipt for more than 6 months.

The DSA (Digital Services Act) and Dark Patterns:
The ‘Delete’ button, which does not delete but merely moves a metadata file into the Google Drive trash, is a classic Dark Pattern.
It creates a false illusion of user control, which is a violation of Article 25 of the DSA (manipulation of user autonomy).

Google claims that AI Studio is only for ‘business’ use in order to evade the strict EU consumer protection rules.
However, I correctly argue that under EU law, the actual reality determines the legal status — not whatever Google writes into a Terms of Service.

No TOS can override the GDPR, regardless of what Google puts into an agreement.

If Google continues to play deaf, I will take the matter to legal action.

After my public documentation, Google AI Studio changed the wording of the “Delete” button and the related warning text.
The previous version was misleading: “Delete” did not actually delete anything — it only moved files to Trash while the system continued to process them.

I have video recordings, screenshots, and timestamped evidence showing that:

• the old “Delete” button did not delete,

• the files remained accessible,

• the system continued to process the supposedly deleted content,

• and the old behavior was problematic from a data‑protection standpoint.

Shortly after I published this evidence, Google silently updated the deletion‑related label and text.
The difference between the old and new versions is clear and fully documented.

Képernyőkép 2026-06-07 0948491887×1079 510 KB

Képernyőkép 2026-06-07 0959531919×1079 143 KB

Képernyőkép 2026-04-30 0527361919×1079 131 KB

The 30‑day warning only appeared on the interface AFTER my posts.

Google did NOT fix the delete functionality.

They only changed the wording, while the backend still performs no real deletion.

The retention doesn’t even start, because they would have to actually delete the prompt first. I recorded a video showing that I delete it, restore it from the trash, and it immediately appears again in the UI. The trash in Drive empties automatically, but this is illegal because the button says the prompt will disappear, but it doesn’t. This is not deletion, they just renamed the button. And it’s Google who must prove that they delete the prompts but they can’t prove it.

The deletion doesn’t even start, because there is no deletion at all.

I have been reporting the incorrect deletion behavior FOR HALF A YEAR, repeatedly, with detailed technical evidence.
During this period, I RECEIVED NO RESPONSE, no explanation, and no investigation results.

The UI label modification occurred only 3–4 WEEKS AGO, IMMEDIATELY AFTER I:

– DOCUMENTED THE ISSUE IN PUBLIC POSTS,
– PROVIDED TIMESTAMPED INTERNET ARCHIVE EVIDENCE,
– PUBLISHED VIDEO PROOF,
– AND SENT MESSAGES FOR SIX MONTHS WITHOUT ANY REPLY.

The system remained UNCHANGED FOR MONTHS, and the sudden UI modification happened only after my reports became public.

Therefore, I DEMAND AN ANSWER explaining:

– WHAT JUSTIFIED THE LABEL CHANGE,
– WHO INITIATED IT,
– WHAT INTERNAL REVIEW PRECEDED IT,
– AND WHAT CAUSAL FACTORS LED TO THIS MODIFICATION.

My evidence clearly shows that:

-- the deletion process DOES NOT START,
– the retention period DOES NOT START,
– the data remains FULLY ACCESSIBLE,
– the technical behavior has remained UNCHANGED FOR HALF A YEAR,
– the UI label change DID NOT RESOLVE THE GDPR‑RELEVANT ISSUE.

Furthermore:

THE NEW UI TEXT MATCHES WORD‑FOR‑WORD THE PHRASES I USED IN MY PUBLIC POSTS.
Therefore, I request clarification on the extent to which this modification is connected to my reports and the evidence I published.

THE TIMESTAMPED INTERNET ARCHIVE RECORDS, THE VIDEO EVIDENCE, AND SIX MONTHS OF UNANSWERED MESSAGES ARE FACTS THAT REQUIRE A FORMAL RESPONSE.

IN LIGHT OF THESE FACTS, I HEREBY MAINTAIN AND CONTINUE TO ASSERT MY CLAIM FOR COMPENSATION.

All evidence is timestamped, archived, and publicly accessible.