// Trust & Security Report
Hugging Face, Inc.
AI Model Hub and Inference Platform. Core products: Hub (model/dataset repository), Inference Endpoints (serverless deployment), Inference Providers (45k+ models via unified API), Spaces (app hosting), HuggingChat (consumer AI assistant), Storage Buckets (data storage). Enterprise tiers include SSO, SCIM, audit logs, data residency controls.
Certifications held
2
Maturity
Enterprise
Trains on your data
No
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on huggingface.co“The Hugging Face Hub, Inference Endpoints, and Inference Providers are all SOC 2 Type II certified. [We] provide security certification to our customers and actively monitor and patch any security weaknesses.”
Verify on huggingface.co“Hugging Face is GDPR compliant. Hugging Face can offer...GDPR data processing agreements through an Enterprise Plan.”
> Show 8 unconfirmed / not-held certifications
source: huggingface.coHugging Face does not currently publish an ISO/IEC 27001 certification. However, most enterprise customers accept the SOC 2 Type II report as equivalent assurance, since the two standards have substantial control overlap.
source: huggingface.coHugging Face can also offer Business Associate Addendums...through an Enterprise Plan. [No full HIPAA compliance certification; only BAA agreements for eligible enterprise customers.]
source: huggingface.coNo public evidence of PCI DSS certification on vendor domain.
source: huggingface.coNo public evidence on vendor domain.
source: huggingface.coNo public evidence on vendor domain.
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Offered
Data region
US (default), EU, Asia-Pacific (coming soon). Data residency controls available on Team+ plans. For EU compliance, EU region ensures GDPR-compliant storage in EU data centers.
Hugging Face does not use customer data, models, or datasets for training their own AI systems. HuggingChat conversations are explicitly private and not used for model training. Feedback usage is reserved but only for aggregated/anonymized insights. Private repositories are protected with reasonable measures.
// Security controls
Encryption in Transit
TLS/SSL encryption on all data transfers (Inference Endpoints, Serverless Inference API, Inference Provider routing)
huggingface.coAuthentication & Access Control
User access tokens, Two-Factor Authentication (2FA), Resource Groups with fine-grained RBAC, SSO (SAML 2.0 / OIDC) on Enterprise
huggingface.coSingle Sign-On (SSO)
SAML 2.0 and OpenID Connect (OIDC) supported on Enterprise; supports Okta, Azure AD, OneLign, etc.
huggingface.coAudit Logging
Comprehensive audit logs on Team+ plans; logs retained for compliance review
huggingface.coCode & Malware Scanning
Malware scanning and Pickle scanning on model repositories; third-party scanners (Protect AI, JFrog) integrated
huggingface.coSecrets Scanning
Automated detection and scanning for hardcoded secrets in repositories
huggingface.coGit over SSH & GPG Commit Signing
Secure Git operations and commit authentication options
huggingface.coPrivate Network Connectivity
AWS PrivateLink and Azure PrivateLink support for Inference Endpoints (Enterprise feature)
huggingface.coData Residency
Region selection (US, EU, APAC coming) with performance and compliance benefits; 4-5x faster EU transfers when stored in EU
huggingface.coToken Management & Revocation
Fine-grained tokens with per-resource permissions; token revocation API on Enterprise
huggingface.co// Products & data scope
data: Public and private models, datasets, Spaces applications, storage buckets
Core platform with 2M+ models and 500k+ datasets. SOC 2 Type II certified. Free tier available with basic security; Team and Enterprise tiers add audit logs, SSO, SCIM, data residency.
data: Model inputs/outputs, inference logs retained for up to 30 days (no customer data stored)
SOC 2 Type II certified. TLS/SSL encryption in transit. Private network (PrivateLink) support on Enterprise. Logs do not store request/response bodies or user tokens.
data: Routing to 45,000+ models via single API; no data retention for inference calls
SOC 2 Type II certified. TLS/SSL encryption in transit. Vendors include leading AI providers. No storage of customer inference data.
data: App code and runtime; stored in selected region (Team+ feature)
Supports both CPU and GPU compute. Data residency available on Team+. Some advanced features (ZeroGPU) may not be available in all regions.
data: Conversation history (stored for user's access only, not for training)
Privacy-first: conversations not used for model training or research. No model author visibility into user conversations. Authenticated via HF account.
data: User-managed file storage with regional options
Data residency controls available on Team+ (US, EU, APAC coming). At-rest encryption on managed storage.
// What to watch
- ISO 27001 certification NOT held. Hugging Face positions SOC 2 Type II as equivalent for enterprise audits due to substantial control overlap. Organizations requiring ISO 27001 must assess SOC 2 Type II acceptability.
- HIPAA only available as Business Associate Agreement (BAA) on Enterprise plan. This is NOT full HIPAA compliance certification—only a contract vehicle for HIPAA-regulated customers. Full compliance responsibility remains with the customer organization.
- No evidence of PCI DSS, FedRAMP, CSA STAR, ISO 27017/27018/27701, or ISO 42001 (AI governance) certifications. Vendors requiring these must contact Hugging Face directly.
- Data residency features (EU/APAC regions) require Team or Enterprise plan. Free users store data in US by default.
- GDPR DPA and HIPAA BAA agreements only available on Enterprise plan ($50+/user/month). Team plan does not include these compliance addendums.
- SOC 2 Type II audit report is available 'under NDA from your account team'—not publicly available. Third-party verification limited.
- Feedback and aggregated usage data is reserved for Hugging Face use (learning/improvement), though it is anonymized. Privacy-conscious organizations should review terms carefully.
// At a glance
Pricing model
Freemium with tiered subscription. Free (basic public repos), Team ($20/user/month), Enterprise ($50+/user/month custom), Enterprise Plus (custom). Compute/storage available on PAYG model.
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Hugging Face, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-07. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
huggingface.co