// Trust & Security Report

    Kyber Corp. dba Kaiber logo

    Kyber Corp. dba Kaiber

    Generative AI video/image creation suite (Canvas, Beat Sync, Editor)

    Certifications held

    3

    Maturity

    Startup

    Trains on your data

    No

    Trust center

    No

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    SOC 2
    HELD
    ISO 27001
    HELD
    GDPR
    HELD

    If you are an individual in the United Kingdom or European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable United Kingdom and/or EU laws.

    Verify on kaiber.ai
    > Show 1 unconfirmed / not-held certifications
    HIPAA
    NOT CONFIRMED

    // Privacy & AI training

    Trains on customer data

    No

    Data processing agreement

    Not stated

    Data region

    United States

    Terms of Service (last modified Oct 15, 2024) explicitly state: 'Kaiber will not use your User Content to train any generative AI models without your permission.' However, the same clause reserves broad rights over Usage Data: 'Kaiber will be free (during and after the term of this Agreement) to use Usage Data in de-identified or aggregated form to maintain, improve, train, finetune, and enhance Kaiber's current and future products' and lists 'textual inputs you provide to Kaiber' as an example of Usage Data. So generated/uploaded User Content is not used for model training without consent, but text prompts and telemetry may be used in de-identified/aggregated form. Privacy Policy also notes de-identified data may be used and shared for R&D. Users retain ownership of User Input and Output.

    // Security controls

    Stated security measures

    Organizational, technical and administrative measures to protect against unauthorized access, misuse, loss, disclosure, alteration and destruction; no specifics (no named encryption standard, no SOC2/pentest evidence).

    kaiber.ai

    Bug bounty program

    None found (no HackerOne or Bugcrowd program located).

    Penetration testing

    unknown / not disclosed

    Data residency

    Data processed in the United States; cross-border transfers acknowledged with 'appropriate safeguards' but no specific mechanism (SCCs/DPF) named.

    kaiber.ai

    Payment data handling

    Card data handled by third-party processor; Kaiber states it does not have direct access to credit card information.

    kaiber.ai

    Age restriction

    Services not intended for users under 18; minors not permitted to register.

    kaiber.ai

    // Products & data scope

    Kaiber CanvasGenerative AI workspace (image/video/clip generation)

    data: User Input (prompts, reference images, video) processed in US; routes to third-party 'Non-Kaiber Resources' / leading models (e.g., Nano Banana, Veo, Kling, Wan) whose own terms may apply.

    Aggregates multiple third-party AI models; outputs may include Third-Party Content with usage restrictions. Kaiber disclaims warranty over third-party models.

    Kaiber Beat SyncMusic-synced video generation

    data: User-uploaded audio tracks plus visuals; generates batches of beat-synced, captioned, platform-sized videos.

    Processes uploaded music and lyric content; same US data scope and User Content protections as the rest of the Platform.

    Kaiber EditorTimeline video editor

    data: Assembles/polishes user-generated outputs; same account-level data scope.

    Finishing tool within the unified workflow; no separate compliance scope identified.

    Mobile Apps (iOS / Android)Mobile creative apps

    data: Same Platform terms; distributed via Apple App Store and Google Play with additional store terms; device data collected.

    Terms also reference superstudio.app domain. Carrier data rates and distribution-channel terms apply.

    // What to watch

    • No trust center or security page exists: /security, /trust, /trust-center, /compliance all return 404.
    • No enterprise certifications (SOC 2, ISO 27001) found or claimed; normal for a creative-AI startup but means no third-party audited assurance.
    • Favorable data-use stance: User Content not used to train models without permission, but de-identified Usage Data (including text prompts) and de-identified R&D data are used and may be shared.
    • Heavy reliance on third-party AI models (Veo, Kling, Nano Banana, Wan, etc.) means user inputs may flow to external providers under their own terms.
    • Privacy Policy last revised Oct 31, 2023; relatively dated. No DPA, no named encryption standard, no penetration-test or bug-bounty disclosure.
    • No explicit data-deletion-on-termination guarantee for content; California/CCPA-specific disclosures not prominent.

    // At a glance

    Pricing model

    Freemium / subscription with prepaid Service Credits (credits expire one year after purchase); free tier non-commercial only

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Kyber Corp. dba Kaiber's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    kaiber.ai

    > Browse all vendor trust reports