// Trust & Security Report
Keywee Inc. (d.b.a. Anyword)
AI content generation and optimization platform for marketing teams, with performance-based AI copywriting, brand voice control, and private hosted LLM options for enterprise compliance.
Certifications held
4
Maturity
Enterprise
Trains on your data
Unknown
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on anyword.com“Anyword operates an information security management system that complies with the requirements of ISO/IEC 27001:2022 standard.”
Verify on anyword.com“SOC 2 Type II (compliance badge displayed on the Enterprise page; the general Security page references only 'SOC 2' without a Type designation)”
Verify on anyword.com“Upholding SOC 2, ISO, and GDPR regulations, Anyword places your data's security at the forefront.”
> Show 2 unconfirmed / not-held certifications
No public evidence on anyword.com
No public evidence on anyword.com
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Offered
Data region
Multi-country: US and other countries where services operate. Primary infrastructure: AWS, Azure, Google Cloud Platform (all USA). Sub-processors: Google Workspace, SendGrid, Snowflake, HubSpot, Rivery, Tableau (all USA).
Homepage claims 'Your data is never used to train third-party models' but privacy policy does not explicitly state whether customer data is used for first-party model training. Users are warned not to submit personal data in platform prompts. Requires clarification from vendor.
// Security controls
Access control
Multi-factor authentication (MFA), Single Sign-On (SSO), role-based access control (RBAC)
anyword.comVulnerability management
Regular penetration testing, vulnerability assessments, and risk-based patching (Critical/High/Medium patches applied as soon as commercially possible)
anyword.comData retention
Data deletion or return following service termination, except where legally required to retain
anyword.com// Products & data scope
data: Customer project data, user interactions, content created. Standard cloud hosting with shared infrastructure.
Primary product for marketing teams. Includes A/B testing, performance scoring, and integrations. Data processed across AWS/GCP/Azure.
data: Dedicated, isolated environment. Customer data remains within secure, dedicated Anyword instance without exposure to external LLM providers.
Enterprise option for compliance-heavy organizations (healthcare, finance). Exclusive control over custom language model training and data handling.
data: API requests and content generation results. Can be integrated with private LLMs for data isolation.
Programmatic access to content generation and performance prediction engine. Includes A/B-tested data and performance RAG features.
// What to watch
- OVER-CLAIM RISK: Homepage states 'Your data is never used to train third-party models,' but privacy policy does not explicitly confirm this. Clarification needed on whether first-party model training uses customer data and under what opt-out conditions.
- SOC 2 DOCUMENTATION: Referred to as 'SOC 2 Type II' on enterprise page but only 'SOC 2' (without Type specification) on general security page. Type II confirmation should be verified against actual audit report.
- NO FORMAL TRUST CENTER: Compliance information is scattered across product pages (homepage, enterprise, security, private-models, DPA) rather than consolidated in a single trust center. This makes verification more time-consuming.
- ADDRESS INCONSISTENCY: Primary address listed as '368 9th Ave, New York, NY 10001' on homepage, but DPA references '240 W. 35th Street, Suite 500, New York, NY 10001.' Both are valid NYC addresses; clarify if both locations are in use.
- HIPAA DOCUMENTATION: HIPAA compliance is claimed on product pages but detailed BAA terms or audit evidence not publicly available. Blog post 'Anyword is Now HIPAA Compliant' exists but specifics not detailed.
- THIRD-PARTY AUDIT REPORT: No publicly accessible SOC 2 audit report, ISO 27001 certificate scan, or HIPAA assessment document found. Vendors claiming SOC 2 Type II should provide Report Summaries (SOC 2 Type II attestation) upon request.
- THIRD-PARTY CERTIFICATIONS UNVERIFIED: Nudge Security profile lists PCI DSS, FedRamp, and CSA Star Level 1, but these are not mentioned on anyword.com domain. Recommend direct vendor verification before claiming these in procurement evaluations.
// At a glance
Pricing model
Freemium SaaS with usage-based and team/enterprise plans; private LLM deployment available for enterprise customers
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Keywee Inc. (d.b.a. Anyword)'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-06. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
anyword.com