// Trust & Security Report

    Black Forest Labs, Inc. logo

    Black Forest Labs, Inc.

    FLUX generative image models (Playground, FLUX API, Open Weights / self-hosted, Enterprise)

    Certifications held

    3

    Maturity

    Enterprise

    Trains on your data

    Yes

    Trust center

    Yes

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    ISO 27001:2022
    HELD

    Compliance: ISO 27001:2022 ... Certifications: Black Forest Labs ISO 27001:2022 Certificate

    Verify on trust.bfl.ai
    SOC 2 Type II
    HELD

    Compliance: SOC 2 ... Certifications: Black Forest Labs Inc Report SOC 2 Type 2 12.17.25.pdf (site footer also lists 'SOC 2 TYPE II')

    Verify on trust.bfl.ai
    GDPR
    HELD

    Compliance: GDPR ... Resources: Black Forest Labs GDPR Compliance Audit Report.pdf

    Verify on trust.bfl.ai
    > Show 1 unconfirmed / not-held certifications
    HIPAA
    NOT CONFIRMED

    Not listed anywhere on the trust center, security pages, or legal pages. No healthcare/PHI scope claimed.

    source: trust.bfl.ai

    // Privacy & AI training

    Trains on customer data

    Yes

    Data processing agreement

    Not stated

    Data region

    International transfers under EU Standard Contractual Clauses; no published data-residency guarantee. BFL is a German lab (Freiburg) with a US entity (Black Forest Labs, Inc.); infrastructure runs on Microsoft Azure.

    Trains on customer prompts, inputs, and outputs BY DEFAULT for Playground (consumer) and standard FLUX API use. Privacy policy: content 'submitted to the Services, such as your image files, and the output that is created' is used to 'develop, train and improve the Services, including to research, develop, train and otherwise improve... our AI models.' FLUX API Service Terms grant BFL a 'royalty-free, perpetual, irrevocable, worldwide, non-exclusive and fully sublicensable' license to use Input and Output to train and improve its AI models. KEY EXCEPTION: the privacy policy 'does not apply to information that we process as a processor or service provider on behalf of our business customers' — i.e., where BFL is a data processor under contract. Enterprise/bespoke contracts offer 'rights not available in standard terms' and may include non-training. No 'zero retention' default exists for standard API. Self-hosted Open Weights keep data on the customer's own infrastructure (BFL never receives it).

    // Security controls

    Encryption (at rest / in transit)

    Data encryption utilized; Encryption key access restricted (Trust Center controls)

    trust.bfl.ai

    Penetration testing

    Penetration testing performed (listed under Product security controls)

    trust.bfl.ai

    Bug bounty

    No public HackerOne/Bugcrowd program found. Security contact: privacy@blackforestlabs.ai. None claimed.

    trust.bfl.ai

    Continuous compliance monitoring

    Vanta (continuous security and compliance monitoring) listed as subprocessor

    trust.bfl.ai

    Access control

    Unique account authentication enforced; Production application access restricted

    trust.bfl.ai

    Organizational controls

    Employee background checks performed; Anti-malware technology utilized; Portable media encrypted

    trust.bfl.ai

    Subprocessors

    Microsoft Azure (cloud), Google Workspace (identity), GitHub (version control), Vanta (security monitoring)

    trust.bfl.ai

    CSAM/NSFW safety filtering

    Pre-training data filtered for NSFW and known CSAM; partnered with the Internet Watch Foundation to filter known CSAM. Model repositories also include NSFW and IP-infringing content filters at input and output, and BFL ran a third-party red-team evaluation (~2,800 T2I/I2I prompts) before release.

    huggingface.co

    // Products & data scope

    Playground (consumer / no-code web)Browser image generation

    data: Full privacy policy applies; prompts, images, and outputs may be used to train BFL AI models.

    Highest data-sharing posture; not appropriate for confidential inputs.

    FLUX APIHosted inference API

    data: Standard service terms grant BFL rights to use Input/Output to train and improve models. No default zero-retention.

    For business customers where BFL acts as a processor under contract, training exemptions apply; confirm via signed agreement/DPA.

    Open Weights / Self-hosted (Hugging Face, GitHub, license)Downloadable model weights

    data: Runs entirely on the customer's own infrastructure; BFL does not receive prompts or outputs.

    Best privacy posture. FLUX.1 [dev] is non-commercial license; commercial/self-hosted needs a paid license.

    EnterpriseBespoke API + open-weights licensing

    data: Bespoke terms; 'rights not available in standard terms' — may include non-training and custom retention.

    Requires Contact Sales; ISO 27001 + SOC 2 Type II + GDPR posture supports enterprise diligence.

    // What to watch

    • Trains on customer prompts/inputs/outputs by default for Playground and standard API — material for anyone sending confidential or brand-sensitive imagery.
    • Training exemption exists only where BFL is a contracted processor (business customers) or under bespoke enterprise terms.
    • Self-hosting Open Weights is the only way to fully avoid sending data to BFL.
    • No public bug bounty program (HackerOne/Bugcrowd).
    • Source evidence file contained a mis-scraped privacy policy pointing to clay.com (an unrelated vendor); the correct BFL policy is https://bfl.ai/legal/privacy-policy — flagged so the directory does not ingest the wrong URL.
    • DPA availability not explicitly published; processor relationship for business customers implies one exists but verify.

    // At a glance

    Pricing model

    Freemium playground + usage-based API pricing + per-license open-weights/self-hosted + bespoke enterprise

    Self-hostable

    Yes

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Black Forest Labs, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    trust.bfl.ai

    > Browse all vendor trust reports