// Trust & Security Report

    Aifnet Ltd. logo

    Aifnet Ltd.

    AI image generator (30+ models including Flux, Stable Diffusion, DALL-E, Ideogram, SeeDream) with complementary video, music, and upscaling tools. Established 2015, serving 5M+ creators.

    Certifications held

    0

    Maturity

    Growth

    Trains on your data

    Unknown

    Trust center

    No

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    > Show 10 unconfirmed / not-held certifications
    SOC 2 Type 2
    NOT CONFIRMED

    No mention on vendor domain. Nudge Security profile displays badge but vendor's own privacy policy (https://deepdreamgenerator.com/privacy, last updated Dec 5, 2025) contains zero reference to SOC 2 audit or attestation.

    source: deepdreamgenerator.com
    SOC 2 Type 1
    NOT CONFIRMED

    No mention on vendor domain. Only third-party Stripe (payment processor) mentions SSAE18/SOC 2 Type 1/2 compliance, but that is Stripe's cert, not Deep Dream Generator's.

    source: deepdreamgenerator.com
    ISO 27001
    NOT CONFIRMED

    No public evidence. Vendor's privacy policy and terms do not reference ISO 27001 certification or audit.

    source: deepdreamgenerator.com
    GDPR Compliance
    NOT CONFIRMED

    GDPR deletion mechanism present ('To request account and data deletion please send us an email to: contact@deepdreamgenerator.com'), but no formal GDPR compliance certification or Data Protection Impact Assessment published. Vendor subject to GDPR as they process EU user data.

    source: deepdreamgenerator.com
    HIPAA
    NOT CONFIRMED

    No evidence. Consumer image generator; HIPAA (healthcare data) not applicable to product scope.

    source: deepdreamgenerator.com
    ISO 27017 (Cloud Security)
    NOT CONFIRMED

    No public evidence. Not mentioned in privacy policy or vendor documentation.

    source: deepdreamgenerator.com
    ISO 27018 (Personal Data Protection)
    NOT CONFIRMED

    No public evidence. Not mentioned in vendor documentation.

    source: deepdreamgenerator.com
    ISO 42001 (AI Management System)
    NOT CONFIRMED

    No public evidence. Not mentioned in vendor documentation.

    source: deepdreamgenerator.com
    FedRAMP
    NOT CONFIRMED

    No evidence. Not applicable; vendor is not a US federal contractor.

    source: deepdreamgenerator.com
    CSA STAR
    NOT CONFIRMED

    No public evidence. Not mentioned on vendor domain.

    source: deepdreamgenerator.com

    // Privacy & AI training

    Trains on customer data

    Not stated

    Data processing agreement

    Not offered

    Data region

    United States and other countries (explicit consent required per ToS)

    Ambiguous. ToS grants vendor 'a non-exclusive, worldwide, royalty-free' license to use uploaded content 'for operating, improving, promoting, and maintaining the Service.' Does not explicitly state whether generated images or prompts are used for model training. User-generated content remains private by default unless made public.

    // Security controls

    Encryption in transit

    Expected (HTTPS), not explicitly documented.

    deepdreamgenerator.com

    Payment data handling

    Processed by Stripe or another payment processor disclosed at checkout; per Terms, 'We do not store full payment card numbers.'

    deepdreamgenerator.com

    Content moderation

    Strengthened post-2025 after payment processor flagged sexual content violations. NSFW content automatically made private or removed. Account suspension/banning for repeated violations.

    deepdreamgenerator.com

    IP rights

    Users retain ownership and commercial usage rights to generated content.

    deepdreamgenerator.com

    // Products & data scope

    AI Image GeneratorImage Generation

    data: Text prompts, generated images (stored private by default, user controls public visibility)

    30+ models: Flux, Stable Diffusion, DALL-E, Ideogram, SeeDream, ChatGPT 2, Artistic 2, DaVinci2. Users age 16+. Free tier with energy limits; paid subscriptions available.

    AI Video GeneratorVideo Generation

    data: Uploaded images or prompts, generated video frames

    Models: Veo 3, Kling, Sora 2, Hailuo AI, Seedance Pro. Transforms static images into dynamic video.

    AI Music GeneratorAudio Generation

    data: Text prompts for music generation

    Limited details provided on music capabilities.

    AI UpscalerImage Enhancement

    data: Uploaded images

    Claimed by 500,000+ creators. Enhances image resolution and quality.

    // What to watch

    • OVER-CLAIM RISK: Nudge Security profile displays SOC 2, ISO 27001, GDPR, HIPAA, FedRamp, CSA STAR badges, but zero vendor-domain documentation or audit reports back these claims. Vendor's own privacy policy (Dec 5, 2025) makes no mention of any formal certifications.
    • PAYMENT PROCESSOR COMPLIANCE INCIDENT: Vendor's own blog states 'our payment provider flagged DDG for compliance issues, because some users were able to generate sexual content on the site,' resulting in a financial penalty and a warning to strengthen filters 'or we risk losing our ability to process payments altogether.' The blog does not name the processor (Stripe is named elsewhere as a payment processor). Vendor responded with stricter moderation. Indicates prior compliance gap.
    • NO TRUST CENTER: Attempted /security and /trust URLs return 404. No dedicated security/compliance documentation page.
    • GDPR POSTURE UNCLEAR: Has deletion mechanism but no formal DPA, no DPIA published, no GDPR certification. Processes EU user data without documented compliance framework.
    • AI TRAINING AMBIGUITY: ToS grants license to use content for 'operating, improving...the Service' but does not explicitly state if customer images/prompts used for model training. Requires direct clarification.
    • STARTUP-STAGE COMPLIANCE: Vendor shows growth maturity (2015 founding, 5M+ users) but lacks enterprise-grade security infrastructure. No published audit reports, no SLA commitment, no formal incident response documentation.
    • IDENTITY VERIFIED: Aifnet Ltd., VAT BG205591406, Bulgaria. Founder: Kaloyan Chernev (public LinkedIn). Domain: deepdreamgenerator.com. No identity ambiguity.

    // At a glance

    Pricing model

    Freemium: free tier with energy-limited generations; paid subscriptions for higher limits and advanced features.

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Aifnet Ltd.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-07-07. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    deepdreamgenerator.com

    > Browse all vendor trust reports