// Trust & Security Report
Code Cabin, Inc.
ContentBot.ai is an AI-powered content automation platform offering blog post generation, marketing copy creation, landing page builders, workflow automation (Flows), bulk importing, and content humanization tools. Supports 110+ languages and serves digital marketers, content creators, SEO specialists, and agencies.
Certifications held
0
Maturity
Growth
Trains on your data
Unknown
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
> Show 8 unconfirmed / not-held certifications
source: contentbot.aiNo public evidence of SOC 2 certification found on ContentBot.ai website, privacy policy, or terms of service.
source: contentbot.aiNo public evidence of ISO 27001 certification found in reviewed documentation.
source: contentbot.aiPrivacy policy states 'Code Cabin and ContentBot.ai support the spirit and aim of data protection proposed by the GDPR' and 'will process this data in adherence to the GDPR', but no formal GDPR certification (binding corporate rules, standard contractual clauses, or adequacy decision) is documented.
source: contentbot.aiNo evidence of HIPAA applicability or compliance; ContentBot.ai is a consumer/commercial content generation tool with no healthcare-specific features or claims.
source: contentbot.aiPayment processing handled by Stripe and PayPal (PCI-compliant third parties), but no direct PCI DSS certification for ContentBot.ai itself.
source: contentbot.aiNo public evidence of cloud security certifications.
source: contentbot.aiNo public evidence of AI governance certification; company mentions 'ethical AI program' worked on with OpenAI, but no formal ISO 42001 certification provided.
source: contentbot.aiNo public evidence of Cloud Security Alliance STAR AI certification.
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Not offered
Data region
United States (Miami, Florida) and South Africa (Boksburg, Gauteng). Data stored on Code Cabin servers.
Terms of Service grant ContentBot 'a non-exclusive, transferable, worldwide, royalty-free, fully paid-up license' to User Content. This language is ambiguous regarding AI model training. Privacy policy does not explicitly disclose whether customer content is used to train or improve AI models. No clear opt-out mechanism for AI training is documented.
// Security controls
Encryption in Transit
No explicit details provided; privacy policy states 'reasonable steps' to protect personal information.
contentbot.aiData Storage
Stored on Code Cabin servers. Support data stored on internal support desk with access limited to support agents subject to confidentiality agreements.
contentbot.aiBreach Notification
Notification within 72 hours of discovery and without undue delay, in accordance with GDPR.
contentbot.aiPayment Security
Uses GDPR-compliant third-party processors (Stripe and PayPal) with strict data protection measures.
contentbot.aiThird-Party Audit / Penetration Testing
No public evidence of regular security audits or penetration testing.
contentbot.aiEmployee Security Training
No documentation of employee security training or data handling policies.
contentbot.ai// Products & data scope
data: Processes blog topics and user inputs to generate full blog posts. User content licensed to ContentBot under broad terms.
Includes SEO optimization, intelligent linking, and uniqueness scoring. Supports 110+ languages.
data: Automates content workflows with triggers, actions, and filters. Can process bulk data and schedules (daily/weekly).
Supports complex content strategies; Premium+ tier allows unlimited workflows.
data: Uploads bulk data (CSV/documents) for batch AI processing. Outputs returned as CSV, documents, or email.
Premium tier: 50 row limit; Premium+ tier: 500 row limit. Processes large datasets.
data: Processes AI-generated content to produce 'undetectable' human-like output. Bypasses detection tools (ZeroGPT, Winston AI).
Marketed for stealth/evasion; raises ethical and detection-avoidance concerns.
data: Generates landing page copy from user input.
Integrated into platform suite.
data: Real-time conversational interface; processes user queries and context.
Available across all pricing tiers.
// What to watch
- NO_FORMAL_CERTIFICATIONS: ContentBot.ai has zero publicly documented certifications (SOC 2, ISO 27001, HIPAA, etc.). Privacy policy emphasizes GDPR principles but lacks formal compliance frameworks or third-party verification.
- AMBIGUOUS_DATA_TRAINING: Terms of Service grant broad 'non-exclusive, transferable' license to User Content, but privacy policy does not explicitly disclose AI training practices. No clear customer opt-out mechanism for model training.
- NO_DPA: No standalone Data Processing Agreement (DPA) found; users relying on broad Terms + Privacy policy for compliance.
- NO_TRUST_CENTER: No dedicated trust/security center, transparency portal, or compliance documentation published.
- EVASION_TOOL_MARKETING: 'AI Content Humanizer' is marketed as bypassing detection tools (ZeroGPT, Winston AI) and enabling 'undetectable AI content' and 'stealth mode.' This raises ethical and use-case concerns (potential academic dishonesty, plagiarism detection evasion).
- NO_SECURITY_AUDITS: No evidence of third-party security audits, penetration testing, or ongoing compliance monitoring.
- GROWTH_STAGE_POSTURE: 7-person team, recently founded (early 2021), no formal security/compliance infrastructure evident. This is typical for growth-stage startups but indicates lower maturity than enterprise vendors.
- GDPR_UNVERIFIED: While privacy policy claims GDPR adherence, the claims are not backed by legal documentation, audit reports, or formal compliance certification. Liability and enforceability unclear.
// At a glance
Pricing model
Freemium + subscription tiers: Starter ($9/mo, 50k words), Premium ($29/mo, 150k words), Premium+ ($49/mo, 400k words). Prepaid per-word option ($0.5 per 1000 words). 10k free words on first purchase.
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Code Cabin, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-06. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
contentbot.ai