// Trust & Security Report
Jasper AI, Inc.
Jasper is an AI marketing platform featuring 100+ specialized agents for content creation, campaign management, and marketing automation with brand control features (Jasper IQ). Core products include AI Studio, Jasper Grid, Canvas, Marketing AI Editor, and various marketing-specific agents for performance, content, product, brand, and PR marketing.
Certifications held
5
Maturity
Enterprise
Trains on your data
No
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on jasper.ai“Jasper is SOC 2 Type II certified and complies with GDPR, CCPA, PCI, and DPA requirements, with annual third-party penetration testing.”
Verify on jasper.ai“Data Processing Agreement available. Agreement applies to customers who have signed it or otherwise incorporated it into their contract with Jasper.”
> Show 4 unconfirmed / not-held certifications
source: jasper.aiNo public evidence found on jasper.ai domain pages. Mentioned in third-party security profiles (Nudge Security) but not confirmed on Jasper's official security, trust, or compliance pages.
source: jasper.aiHIPAA compliance is referenced for Jasper Health's CARE+ product (separate legal entity/product line), not for the main Jasper AI marketing platform. Main platform serves marketing teams, not healthcare compliance requirements.
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Offered
Data region
US-based data centers
Jasper explicitly states: 'Data and intellectual property entered into Jasper is NOT used to train underlying LLMs.' Customer inputs are not used to train Jasper's models or third-party LLM providers. Company does not retain ownership of user outputs.
// Security controls
Penetration Testing
Annual independent third-party network and application penetration tests; weekly internal and external vulnerability scans
jasper.ai// Products & data scope
data: Marketing content, brand guidelines, campaign data, customer audience profiles, product knowledge. Does NOT include customer training data for LLM training.
Main product offering: agent-based marketing workspace with 100+ specialized agents, content pipelines, brand control (Jasper IQ). Used by enterprise marketing teams (e.g., Adidas, Cushman & Wakefield).
data: Brand voice guidelines, style guides, audience profiles, product knowledge
Context layer that embeds brand guidelines, tone, and messaging into all outputs across the team.
data: Marketing content for AI search optimization
Newly announced agent for optimizing brand visibility in AI-powered search results.
data: API access to platform capabilities; MCP server allows brand context to travel into other AI tools
Enables programmatic access and integration with third-party AI tools while maintaining brand context.
// What to watch
- CERT_DISCREPANCY: Third-party security profiles (Nudge Security) claim Jasper holds ISO 27001, HIPAA, FedRamp, and CSA STAR certifications. However, these certifications are NOT explicitly mentioned on any primary jasper.ai domain pages (trust, security, enterprise, ethics, legal). The Nudge profile may be outdated or conflating certifications from different Jasper products.
- IDENTITY_CLARITY: 'Jasper Health' (separate entity) offers HIPAA-compliant CARE+ product. Main Jasper AI platform (marketing tools) does not claim HIPAA compliance, which is correct for a marketing-focused product.
- COMPLIANCE_PORTAL_RESTRICTED: Jasper maintains a compliance portal at security.jasper.ai (powered by SafeBase) that may contain additional certification details, but this portal is likely behind authentication and could not be accessed for verification.
- DATA_TRAINING_CLARITY: Jasper explicitly and consistently states across multiple pages that customer data is NOT used to train LLMs. This is a strong privacy commitment and differentiator.
- DPA_CONDITIONAL: DPA is available but only applies to customers who have signed it or incorporated it into their contract; not universally applied.
// At a glance
Pricing model
Subscription-based (free tier available, paid plans for Pro and Enterprise)
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Jasper AI, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-07. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
jasper.ai