// Trust & Security Report
CraftlyAI Inc.
Craftly.AI is an AI-powered copywriting assistant built on OpenAI models, offering 100+ content frameworks for marketing copy, blog posts, emails, and social media content across 25+ languages.
Certifications held
0
Maturity
Growth
Trains on your data
Unknown
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
> Show 7 unconfirmed / not-held certifications
source: craftly.aiNo vendor-domain documentation; third-party claim via Nudge Security not substantiated on craftly.ai
source: craftly.aiNo vendor-domain documentation; third-party claim via Nudge Security not substantiated on craftly.ai
source: craftly.aiNo explicit GDPR compliance statement on vendor domain; privacy policy URL (craftly.ai/privacy-policy.html) returns 404
source: craftly.aiTerms of Service prohibit uploading health data rather than claiming HIPAA compliance: users may not 'Provide or upload any information to the Services that is "Protected Health Information" as defined under the Health Insurance Portability and Accountability Act'.
source: craftly.aiNo vendor-domain documentation; third-party claim via Nudge Security not substantiated on craftly.ai
source: craftly.aiNo vendor-domain documentation; third-party claim via Nudge Security not substantiated on craftly.ai
source: craftly.aiNo vendor-domain documentation; third-party claim via Nudge Security not substantiated on craftly.ai
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Not offered
Data region
Unknown; company based in Toronto, Canada; uses AWS (unspecified regions)
Terms reference OpenAI API usage and state 'Craftly.ai and OpenAI may request information from you regarding your efforts to reduce safety risks.' Unclear if customer content is retained or used for model improvement. Data ownership: 'Craftly.ai's licensor, OpenAI LLC, exclusively owns all right, title and interest in and to Generated Content.' No explicit opt-out for training disclosed.
// Security controls
Authentication
Okta integration, Google/Microsoft login, SSO available; 2FA support noted as limited in third-party profile
security-profiles.nudgesecurity.comInfrastructure
Runs on AWS; reliant on third-party services (Google Workspace, Stripe, Intercom, Zendesk)
craftly.aiLiability & Copyright
Vendor disclaims liability for copyright infringement, plagiarism, or ownership of content. Liability capped at amounts paid or $200 USD maximum.
craftly.ai// Products & data scope
data: User text inputs for content generation; supports 25+ languages; generates marketing copy, blog posts, emails, social media, landing pages, product descriptions
Built on OpenAI models (GPT-3+). Content ownership: OpenAI LLC owns generated outputs. Plagiarism detection claimed but liability disclaimed. Enterprise tier offers custom models, team collaboration, SSO.
// What to watch
- CERT-CONTRADICTION: Vendor's Terms of Service explicitly prohibit HIPAA data use, yet third-party (Nudge Security) claims HIPAA certification. This is a red flag for accuracy of third-party claims.
- UNVERIFIED-THIRD-PARTY: Nudge Security profile claims SOC 2, ISO 27001, GDPR, PCI, FedRamp, CSA STAR—none of which appear on vendor's own domain, no trust center, no security pages, no vendor-domain documentation found.
- PRIVACY-POLICY-404: Advertised privacy policy URL (craftly.ai/privacy-policy.html) returns HTTP 404; users cannot independently verify privacy practices.
- AI-TRAINING-OPAQUE: Terms do not explicitly state whether customer content is retained or used for model training. No clear opt-out disclosed. Data ownership explicitly assigned to OpenAI LLC.
- VENDOR-DOMAIN-GAPS: No dedicated security, trust, compliance, or certifications pages on craftly.ai. All searches for security-related content return zero results.
- STARTUP-STAGE: Founded 2021, bootstrap-funded, 1-10 employees—typical of early-stage AI tools with limited compliance infrastructure.
- IDENTITY-VERIFIED: Legal entity confirmed as 'CraftlyAI Inc.' and 'MNGD LLC' at 626 King St West, Suite 401, Toronto, M5V 1M5 per homepage footer.
// At a glance
Pricing model
Freemium (5-day free trial) + paid subscription tiers; enterprise custom pricing
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on CraftlyAI Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-06. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
craftly.ai