// Trust & Security Report
Black Forest Labs, Inc.
FLUX generative image models (Playground, FLUX API, Open Weights / self-hosted, Enterprise)
Certifications held
3
Maturity
Enterprise
Trains on your data
Yes
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on trust.bfl.ai“Compliance: ISO 27001:2022 ... Certifications: Black Forest Labs ISO 27001:2022 Certificate”
Verify on trust.bfl.ai“Compliance: SOC 2 ... Certifications: Black Forest Labs Inc Report SOC 2 Type 2 12.17.25.pdf (site footer also lists 'SOC 2 TYPE II')”
Verify on trust.bfl.ai“Compliance: GDPR ... Resources: Black Forest Labs GDPR Compliance Audit Report.pdf”
> Show 1 unconfirmed / not-held certifications
source: trust.bfl.aiNot listed anywhere on the trust center, security pages, or legal pages. No healthcare/PHI scope claimed.
// Privacy & AI training
Trains on customer data
Yes
Data processing agreement
Not stated
Data region
International transfers under EU Standard Contractual Clauses; no published data-residency guarantee. BFL is a German lab (Freiburg) with a US entity (Black Forest Labs, Inc.); infrastructure runs on Microsoft Azure.
Trains on customer prompts, inputs, and outputs BY DEFAULT for Playground (consumer) and standard FLUX API use. Privacy policy: content 'submitted to the Services, such as your image files, and the output that is created' is used to 'develop, train and improve the Services, including to research, develop, train and otherwise improve... our AI models.' FLUX API Service Terms grant BFL a 'royalty-free, perpetual, irrevocable, worldwide, non-exclusive and fully sublicensable' license to use Input and Output to train and improve its AI models. KEY EXCEPTION: the privacy policy 'does not apply to information that we process as a processor or service provider on behalf of our business customers' — i.e., where BFL is a data processor under contract. Enterprise/bespoke contracts offer 'rights not available in standard terms' and may include non-training. No 'zero retention' default exists for standard API. Self-hosted Open Weights keep data on the customer's own infrastructure (BFL never receives it).
// Security controls
Encryption (at rest / in transit)
Data encryption utilized; Encryption key access restricted (Trust Center controls)
trust.bfl.aiPenetration testing
Penetration testing performed (listed under Product security controls)
trust.bfl.aiBug bounty
No public HackerOne/Bugcrowd program found. Security contact: privacy@blackforestlabs.ai. None claimed.
trust.bfl.aiContinuous compliance monitoring
Vanta (continuous security and compliance monitoring) listed as subprocessor
trust.bfl.aiAccess control
Unique account authentication enforced; Production application access restricted
trust.bfl.aiOrganizational controls
Employee background checks performed; Anti-malware technology utilized; Portable media encrypted
trust.bfl.aiSubprocessors
Microsoft Azure (cloud), Google Workspace (identity), GitHub (version control), Vanta (security monitoring)
trust.bfl.aiCSAM/NSFW safety filtering
Pre-training data filtered for NSFW and known CSAM; partnered with the Internet Watch Foundation to filter known CSAM. Model repositories also include NSFW and IP-infringing content filters at input and output, and BFL ran a third-party red-team evaluation (~2,800 T2I/I2I prompts) before release.
huggingface.co// Products & data scope
data: Full privacy policy applies; prompts, images, and outputs may be used to train BFL AI models.
Highest data-sharing posture; not appropriate for confidential inputs.
data: Standard service terms grant BFL rights to use Input/Output to train and improve models. No default zero-retention.
For business customers where BFL acts as a processor under contract, training exemptions apply; confirm via signed agreement/DPA.
data: Runs entirely on the customer's own infrastructure; BFL does not receive prompts or outputs.
Best privacy posture. FLUX.1 [dev] is non-commercial license; commercial/self-hosted needs a paid license.
data: Bespoke terms; 'rights not available in standard terms' — may include non-training and custom retention.
Requires Contact Sales; ISO 27001 + SOC 2 Type II + GDPR posture supports enterprise diligence.
// What to watch
- Trains on customer prompts/inputs/outputs by default for Playground and standard API — material for anyone sending confidential or brand-sensitive imagery.
- Training exemption exists only where BFL is a contracted processor (business customers) or under bespoke enterprise terms.
- Self-hosting Open Weights is the only way to fully avoid sending data to BFL.
- No public bug bounty program (HackerOne/Bugcrowd).
- Source evidence file contained a mis-scraped privacy policy pointing to clay.com (an unrelated vendor); the correct BFL policy is https://bfl.ai/legal/privacy-policy — flagged so the directory does not ingest the wrong URL.
- DPA availability not explicitly published; processor relationship for business customers implies one exists but verify.
// At a glance
Pricing model
Freemium playground + usage-based API pricing + per-license open-weights/self-hosted + bespoke enterprise
Self-hostable
Yes
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Black Forest Labs, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
trust.bfl.ai