// Trust & Security Report
Keywee Inc. (d.b.a. Anyword)
Anyword — AI-powered content generation platform for e-commerce, social media, ads, and copywriting with performance prediction scoring. Sub-products include Amazon product description generator, social post creator, ad copy generator, and API for enterprise integration.
Certifications held
2
Maturity
Growth
Trains on your data
Unknown
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on anyword.com“"comply with the EU General Data Protection Regulation 2016/679 (GDPR)" with Standard Contractual Clauses for EU data transfers and UK IDT Addendum for UK data”
Verify on anyword.com“"California CCPA: Service Provider restrictions prohibit selling personal information or using data for purposes beyond contract scope"”
> Show 3 unconfirmed / not-held certifications
source: anyword.comDPA states: "Anyword operates an information security management system that complies with the requirements of ISO/IEC 27001:2022 standard." This is a self-attestation of conformity, not a certification; no accredited certificate, audit report, or certification body is published on the vendor domain.
source: anyword.comSecurity page marketing states "Upholding SOC 2, ISO, and GDPR regulations, Anyword places your data's security at the forefront." No SOC 2 attestation report, Type 1/Type 2 designation, or auditor is publicly available; no public evidence of a completed SOC 2 examination.
source: anyword.comSecurity page displays a HIPAA badge (HIPPA.svg) but contains no explicit HIPAA compliance text claim; no Business Associate Agreement (BAA) link or HIPAA documentation is available on the vendor domain. No public evidence of HIPAA compliance.
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Offered
Data region
United States and other countries; data replication across multiple AWS availability zones
The privacy policy is silent on whether customer content or prompts are used to train or improve Anyword's AI models, and discloses no opt-out. Model-training use can neither be confirmed nor ruled out from public documentation.
// Security controls
Encryption in transit
HTTPS/TLS for data in transit; data replication across multiple AWS availability zones
anyword.comEncryption at rest
Not publicly documented. The DPA confirms encryption in transit (HTTPS/TLS) only; neither the privacy policy nor the DPA specifies encryption of data at rest.
anyword.comAccess controls
Role-based permissions and team access management ("take full control over roles, permissions, and access within your company"). MFA and SSO are not documented on the public security page.
anyword.comPersonnel security
Background checks on data-handling employees, mandatory confidentiality agreements, privacy/security training required
anyword.comVulnerability & penetration testing
Regular penetration testing on public-facing systems, proactive vulnerability assessments
anyword.com// Products & data scope
data: User-generated prompts, account data, usage metrics
Web-based AI copywriting tool; processes customer content to generate marketing copy. Does NOT appear HIPAA-certified for PHI despite marketing claims. Data subject rights assistance provided per DPA.
data: API-submitted content, application data
Enterprise API integration available; same compliance framework as SaaS product
data: Customer data remains on customer infrastructure
Option for organizations needing data residency control; referenced in the assessment but not verifiable on the public vendor domain. Confirm availability and certification status directly with the vendor.
// What to watch
- ISO 27001 self-attested, not certified: The DPA states Anyword's ISMS 'complies with the requirements of ISO/IEC 27001:2022' but no accredited certificate, audit report, or certification body is published; treat as self-declared conformity, not a third-party certification
- HIPAA not held: Security page shows a HIPAA badge (HIPPA.svg) but no explicit HIPAA text claim and no BAA or HIPAA documentation on the vendor domain; healthcare orgs must not process PHI without a signed BAA
- AI training data policy unclear: The privacy policy does not address whether customer prompts/content are used to train or improve Anyword's AI models, and discloses no opt-out; buyers with sensitive content should confirm training and retention terms directly with the vendor
- SOC 2 not evidenced: The security page references 'upholding SOC 2' in marketing copy, but no SOC 2 attestation report, scoping document, or Type 1/Type 2 designation is publicly available; enterprise buyers should request the SOC 2 report directly before relying on it
- No dedicated trust center: Compliance information scattered across security page, DPA, and privacy policy; no consolidated trust/compliance hub unlike mature vendors (e.g., Salesforce, Okta)
- Terms of service unavailable: Vendor's /terms-of-use URL returns 404; terms either moved or no longer public
// At a glance
Pricing model
Freemium SaaS with tiered paid plans ($29-$499/month based on usage); enterprise pricing available
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Keywee Inc. (d.b.a. Anyword)'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-06. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
anyword.com