// Trust & Security Report
Coqui (Defunct)
Open-source text-to-speech and voice synthesis toolkit (XTTS V2). The commercial SaaS service (Coqui Studio, API) shut down in January 2024. The open-source GitHub projects continue to be maintained by the community.
Certifications held
0
Maturity
Unknown
Trains on your data
Unknown
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
> Show 7 unconfirmed / not-held certifications
source: github.comCompany shut down January 2024. coquitts.com returns 403 Forbidden. No SOC 2 report accessible from vendor domain. Nudge Security profile claims SOC 2 but no actual certificate found via search.
source: analyticsindiamag.comCompany defunct as of January 2024. No ISO 27001 certificate accessible from vendor domain. Nudge Security lists but not verified against vendor source.
source: github.comCompany no longer operates. Service discontinued January 2024. No active GDPR compliance posture. Historical privacy policy (if any) is no longer accessible - coquitts.com returns 403 Forbidden.
Company shut down January 2024. No evidence of HIPAA certification held by vendor. Nudge Security profile mentions but no vendor-domain proof available.
Company defunct. No vendor-domain evidence of PCI DSS certification.
Company shut down January 2024. No FedRAMP authorization found. Nudge Security lists but not vendor-verified.
Company defunct. No CSA STAR certification found via vendor domain or cloud security alliance registry search.
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Not offered
Data region
Unknown
Open-source Coqui TTS library available on GitHub/Hugging Face. Can be deployed locally with no data transmission to external servers. The commercial SaaS service that may have had data handling practices is now defunct. No information available on whether the SaaS service trained on user voice data.
// Security controls
Deployment Model
Open-source library deployable locally (no phone-home), reducing privacy risk if used on-premises. Commercial SaaS service is defunct.
github.comEncryption
Unknown for defunct SaaS service. Open-source library: no built-in encryption specified in documentation.
github.comData Storage
SaaS service defunct. Open-source version stores no data remotely when deployed locally.
github.com// Products & data scope
data: Open-source library. Processes input text and audio locally if self-hosted.
Supports 17 languages and voice cloning from 10-second audio samples. No longer has a commercial SaaS offering.
data: Service shut down January 2024
Commercial SaaS service that has been discontinued. No longer available for use.
// What to watch
- VENDOR DEFUNCT: Coqui AI shut down in January 2024. Commercial services no longer available.
- DOMAIN HIJACKING: Original coqui.ai domain is now parked with an unrelated Indonesian gambling website (UNIKBET), not Coqui's content.
- SERVICE INACCESSIBLE: coquitts.com (the SaaS service URL) returns HTTP 403 Forbidden.
- OVER-CLAIM RISK: Nudge Security profile lists SOC 2, ISO 27001, HIPAA, GDPR, FedRamp, and CSA STAR certifications, but none of these can be verified from vendor-domain sources. No actual certificates found via search.
- NO TRUST CENTER: No accessible trust center, security page, or compliance documentation available.
- IDENTITY UNCERTAINTY: The assessment targets a defunct company. Only the open-source GitHub projects remain active.
- CERTIFICATION STATUS UNKNOWN: If any certifications were held during operations (2023 and earlier), they are not verifiable and are no longer maintained or renewed post-shutdown.
// At a glance
Pricing model
Open-source (free) for library. SaaS service (Studio, API) is defunct.
Self-hostable
Yes
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Coqui (Defunct)'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-06. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
github.com