// Trust & Security Report

    Elicit Research, PBC logo

    Elicit Research, PBC

    AI research assistant for scientific literature search, data extraction, and systematic reviews

    Certifications held

    4

    Maturity

    Growth

    Trains on your data

    Unknown

    Trust center

    Yes

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    SOC 2 Type II
    HELD

    Elicit Research, PBC SOC 2 Type 2 Report 07152025.pdf [listed in Compliance > SOC 2 section of trust center; SOC 3 public report also listed; SOC 2 Bridge Letter 4-23-26 and Letter of Engagement 2026 present]

    Verify on trust.elicit.com
    SOC 3
    HELD

    SOC 3 public report listed alongside the SOC 2 Type 2 report in the Compliance section of the Elicit Trust Center; SOC 3 is the publicly distributable, general-use version of Elicit's SOC 2 audit.

    Verify on trust.elicit.com
    Cyber Essentials
    HELD

    Compliance SOC 2 Cyber Essentials

    Verify on trust.elicit.com
    GDPR (DPA with SCCs)
    HELD

    Elicit will (i) comply with Applicable Data Protection Laws, and (ii) process the Customer Personal Data as necessary to perform its obligations under the Agreement. SCCs incorporated for EU and UK transfers; governed by Irish law.

    Verify on elicit.com
    > Show 7 unconfirmed / not-held certifications
    ISO 27001
    NOT CONFIRMED

    No public evidence on any elicit.com or trust.elicit.com page. Not listed in the trust center Compliance section. A third-party aggregator (Nudge Security) claims this cert but it does not appear in Elicit's own trust center, blog, or policy pages and cannot be verified.

    source: trust.elicit.com
    HIPAA
    NOT CONFIRMED

    No public evidence on any elicit.com or trust.elicit.com page. Not listed in trust center Compliance section. Third-party aggregator claims it; unverifiable on vendor domain.

    source: trust.elicit.com
    FedRAMP
    NOT CONFIRMED

    No public evidence on any elicit.com or trust.elicit.com page. Not listed in trust center Compliance section.

    source: trust.elicit.com
    CSA STAR
    NOT CONFIRMED

    No public evidence on any elicit.com or trust.elicit.com page. Not listed in trust center Compliance section.

    source: trust.elicit.com
    PCI DSS
    NOT CONFIRMED

    No public evidence on any elicit.com or trust.elicit.com page. Not listed in trust center Compliance section.

    source: trust.elicit.com
    ISO 27017 / 27018 / 27701
    NOT CONFIRMED

    No public evidence on any elicit.com or trust.elicit.com page.

    source: trust.elicit.com
    ISO/IEC 42001 (AI Management)
    NOT CONFIRMED

    No public evidence on any elicit.com or trust.elicit.com page.

    source: trust.elicit.com

    // Privacy & AI training

    Trains on customer data

    Not stated

    Data processing agreement

    Offered

    Data region

    United States (AWS). Privacy policy states 'Our servers are located in the United States.' SCCs and UK Addendum in place for EU and UK data transfers. No EU data residency option confirmed on any vendor page.

    Training policy varies sharply by product tier. Enterprise tier: 'We do not train on Enterprise user data' and subprocessors (OpenAI, Anthropic) have zero-retention, no-training agreements. API tier: per API Terms, 'You grant Elicit a license to use your inputs solely to provide the API service...including but not limited to using your inputs to train AI models.' Free/Team platform: Team Terms state 'Platform and its underlying technology is improved and enhanced through the processing of Customer Materials' implying product improvement from customer data. Main platform ToS grants Elicit a broad perpetual, irrevocable, transferable license over user-submitted content. Non-enterprise procurement teams must confirm tier terms before assuming no-train.

    // Security controls

    Encryption in transit

    TLS 1.2+

    elicit.com

    Encryption at rest

    AES-256-GCM

    elicit.com

    Cloud infrastructure

    Amazon Web Services (AWS); enterprise customers receive single-tenancy with dedicated, logically isolated AWS clusters; multi-zone replication; daily backups

    elicit.com

    Authentication and access

    MFA enforced; SAML 2.0 SSO supported for enterprise; fine-grained content visibility controls (private, view-only, searchable, collaborative)

    elicit.com

    Infrastructure security controls

    Encryption key access restricted; production application access restricted; unique account authentication enforced (14 controls total per trust center)

    trust.elicit.com

    Organizational security controls

    Employee background checks performed; anti-malware technology; asset disposal procedures; Code of Conduct (11 controls total per trust center)

    trust.elicit.com

    Business continuity

    Business Continuity and Disaster Recovery plans established and tested (listed as controls on trust center)

    trust.elicit.com

    Subprocessors

    Amazon Web Services (cloud, US), Anthropic (AI models, US), OpenAI (AI models, US), Customer.io (email, US)

    trust.elicit.com

    Vulnerability disclosure

    security@elicit.com listed on trust center

    trust.elicit.com

    HECVAT questionnaire

    HECVAT document available on trust center (signals higher-education procurement readiness; not a certification)

    trust.elicit.com

    // Products & data scope

    Elicit Free / PlusAI research tool (individual)

    data: User queries, uploaded documents, search history, telemetry

    Broad perpetual irrevocable license over user content in main platform ToS. No explicit no-training guarantee at this tier. Shared infrastructure.

    Elicit TeamAI research tool (collaborative)

    data: Shared research projects, uploaded documents, team usage telemetry

    Team Terms state platform is improved through customer materials. DPA available. No explicit no-training guarantee. Independent DPA review recommended before handling sensitive data.

    Elicit EnterpriseAI research tool (enterprise/institutional)

    data: Isolated single-tenant AWS cluster; enterprise customer data fully redacted before AI provider calls

    No training on enterprise user data; AI subprocessors have zero-retention and no-training agreements; SSO/SAML; dedicated infrastructure with complete tenant isolation. Strongest data protection posture.

    Elicit APIAI research API

    data: API inputs (search queries, documents), outputs

    API Terms explicitly grant Elicit license to use inputs to train AI models. Also prohibit API consumers from using outputs to train competing models.

    // What to watch

    • AI training bifurcation by tier: Enterprise is explicitly no-train; API explicitly allows Elicit to train on user inputs; Free and Team tiers have broad license language without explicit no-train guarantees. Procurement must confirm tier before assuming no-train.
    • Team-Terms language ('Platform and its underlying technology is improved and enhanced through the processing of Customer Materials') could imply product improvement including model training from non-enterprise customer data.
    • Main platform ToS grants Elicit a 'perpetual, irrevocable, transferable' license over user-submitted content - unusual breadth for a scientific research tool used with proprietary literature.
    • Third-party aggregator Nudge Security claims ISO 27001, HIPAA, FedRAMP, CSA STAR, and PCI DSS for Elicit. None of these appear in Elicit's own trust center, blog, or policy pages. These claims are unverified and should not be relied upon for procurement decisions.
    • Cyber Essentials (UK government baseline scheme) is held and confirmed on trust center but is significantly lighter in scope and rigor than ISO 27001.
    • No EU data residency: all data resides in US-based AWS. EU and UK customers rely on SCCs as the legal transfer mechanism.
    • All AI model subprocessors (Anthropic, OpenAI) are US-based. Enterprise agreements restrict their data retention and training; non-enterprise tiers have no documented equivalent restriction on subprocessor behavior.
    • HECVAT questionnaire is available on the trust center, signaling higher-education procurement readiness, but is a self-assessment questionnaire not a third-party certification.

    // At a glance

    Pricing model

    Freemium; paid Plus and Team tiers; Enterprise priced on contract; API priced separately per usage

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Elicit Research, PBC's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-06-29. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    trust.elicit.com

    > Browse all vendor trust reports