// Trust & Security Report
Kyber Corp. dba Kaiber
Generative AI video/image creation suite (Canvas, Beat Sync, Editor)
Certifications held
3
Maturity
Startup
Trains on your data
No
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on kaiber.ai“If you are an individual in the United Kingdom or European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable United Kingdom and/or EU laws.”
> Show 1 unconfirmed / not-held certifications
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Not stated
Data region
United States
Terms of Service (last modified Oct 15, 2024) explicitly state: 'Kaiber will not use your User Content to train any generative AI models without your permission.' However, the same clause reserves broad rights over Usage Data: 'Kaiber will be free (during and after the term of this Agreement) to use Usage Data in de-identified or aggregated form to maintain, improve, train, finetune, and enhance Kaiber's current and future products' and lists 'textual inputs you provide to Kaiber' as an example of Usage Data. So generated/uploaded User Content is not used for model training without consent, but text prompts and telemetry may be used in de-identified/aggregated form. Privacy Policy also notes de-identified data may be used and shared for R&D. Users retain ownership of User Input and Output.
// Security controls
Stated security measures
Organizational, technical and administrative measures to protect against unauthorized access, misuse, loss, disclosure, alteration and destruction; no specifics (no named encryption standard, no SOC2/pentest evidence).
kaiber.aiBug bounty program
None found (no HackerOne or Bugcrowd program located).
Penetration testing
unknown / not disclosed
Data residency
Data processed in the United States; cross-border transfers acknowledged with 'appropriate safeguards' but no specific mechanism (SCCs/DPF) named.
kaiber.aiPayment data handling
Card data handled by third-party processor; Kaiber states it does not have direct access to credit card information.
kaiber.aiAge restriction
Services not intended for users under 18; minors not permitted to register.
kaiber.ai// Products & data scope
data: User Input (prompts, reference images, video) processed in US; routes to third-party 'Non-Kaiber Resources' / leading models (e.g., Nano Banana, Veo, Kling, Wan) whose own terms may apply.
Aggregates multiple third-party AI models; outputs may include Third-Party Content with usage restrictions. Kaiber disclaims warranty over third-party models.
data: User-uploaded audio tracks plus visuals; generates batches of beat-synced, captioned, platform-sized videos.
Processes uploaded music and lyric content; same US data scope and User Content protections as the rest of the Platform.
data: Assembles/polishes user-generated outputs; same account-level data scope.
Finishing tool within the unified workflow; no separate compliance scope identified.
data: Same Platform terms; distributed via Apple App Store and Google Play with additional store terms; device data collected.
Terms also reference superstudio.app domain. Carrier data rates and distribution-channel terms apply.
// What to watch
- No trust center or security page exists: /security, /trust, /trust-center, /compliance all return 404.
- No enterprise certifications (SOC 2, ISO 27001) found or claimed; normal for a creative-AI startup but means no third-party audited assurance.
- Favorable data-use stance: User Content not used to train models without permission, but de-identified Usage Data (including text prompts) and de-identified R&D data are used and may be shared.
- Heavy reliance on third-party AI models (Veo, Kling, Nano Banana, Wan, etc.) means user inputs may flow to external providers under their own terms.
- Privacy Policy last revised Oct 31, 2023; relatively dated. No DPA, no named encryption standard, no penetration-test or bug-bounty disclosure.
- No explicit data-deletion-on-termination guarantee for content; California/CCPA-specific disclosures not prominent.
// At a glance
Pricing model
Freemium / subscription with prepaid Service Credits (credits expire one year after purchase); free tier non-commercial only
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Kyber Corp. dba Kaiber's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
kaiber.ai