// Trust & Security Report
Looka Inc
AI-powered logo design and brand identity platform. Core offerings: Logo Maker (AI-generated logo designs with editor), Brand Kit (300+ branded marketing templates), Social Media Kit, Business Cards, and website builder. Designed for entrepreneurs and small businesses.
Certifications held
0
Maturity
Growth
Trains on your data
Unknown
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
> Show 8 unconfirmed / not-held certifications
source: looka.comNo public evidence of SOC 2 certification found on vendor website or public documentation
source: looka.comNo public evidence of ISO 27001 certification found on vendor website or public documentation
source: looka.comNo public evidence of ISO 27017 certification found on vendor website or public documentation
source: looka.comNo public evidence of ISO 27018 certification found on vendor website or public documentation
source: looka.comNo vendor-domain evidence found. GDPR compliance is asserted only by a third-party review site (toolworthy.ai: 'Looka encrypts data in transit and complies with GDPR') and could not be confirmed on Looka's own privacy policy, which blocks automated access. Treat as unverified until confirmed in vendor documentation.
source: looka.comNo vendor-domain evidence found. CCPA compliance is asserted only by a third-party review site (toolworthy.ai: 'Looka is compliant with CCPA (California Consumer Privacy Act)') and could not be confirmed on Looka's own privacy policy. Treat as unverified until confirmed in vendor documentation.
source: tracxn.comWhile one secondary source claims HIPAA compliance, no direct evidence found on Looka's official website or dedicated security documentation
source: looka.comNo public evidence of direct PCI DSS certification; however, Looka uses PCI-DSS compliant third-party payment processors for credit card transactions
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Not offered
Data region
Unknown - likely North America and EU given Canadian headquarters and GDPR compliance
AI training on customer design data is NOT documented on Looka's own site. Third-party reviews (toolworthy.ai, skywork.ai) claim Looka's AI 'continuously learns from user design selections,' but this is unconfirmed in vendor documentation and must not be stated as fact. Looka's home page describes an 'AI-powered platform' where 'artificial intelligence does the heavy graphic design lifting.' Users receive full copyright ownership of their final customized logo, while individual component assets (fonts, symbols) remain part of Looka's shared library (per vendor help center). Whether customer designs are used to train or improve the model, and whether any opt-out exists, is undisclosed.
// Security controls
Secure Payment Processing
Yes - uses PCI-DSS compliant third-party payment processors via SSL
help.looka.comVulnerability Disclosure Program
Yes - active program accepting security researcher reports
looka.comData Retention
Conversation and logo design data not stored by default unless user opts in for additional services
toolworthy.ai// Products & data scope
data: Business name, industry, style preferences, color choices, symbol selections, design customizations
Generates 100+ custom logo mockups; users can edit and customize designs; includes 15+ file formats (SVG, PNG, EPS, PDF) in color, black & white, and transparent variants
data: Logo design data, brand colors, fonts, user customizations
300+ branded templates (invoices, flyers, email signatures, social media assets) automatically generated based on user's logo design
data: Logo and brand guidelines data
Pre-sized assets for YouTube, Twitter, Facebook, Instagram profiles and stories matching user's brand identity
data: Logo and brand data
20 professional design templates; integration with printing services
data: Logo, brand kit, custom domain information
Website creation tool integrated with Looka ecosystem; supports custom domains and SSL certificates
// What to watch
- No dedicated trust center or security documentation page found - information scattered across help center, privacy policy, and secondary sources
- Direct access to privacy policy and terms pages blocked by 403 Forbidden error; evidence of GDPR/CCPA compliance comes from secondary vendor review sites, not direct vendor documentation
- HIPAA compliance claim appears in one secondary source (Tracxn) but is not explicitly stated on Looka's official website; likely over-claim or misattribution
- AI training on customer design data is NOT confirmed on vendor documentation; the claim originates from third-party review sites only. Vendor does not disclose whether user design selections are used to train/improve the model or whether an opt-out exists (undisclosed, not verified either way).
- No formal certifications (SOC 2, ISO 27001, ISO 27017/27018) found; growth-stage company (36 employees, $8.8M revenue) typical for this maturity level
- PCI compliance is achieved via third-party payment processors, not direct vendor certification
// At a glance
Pricing model
Freemium with one-time purchase option; free logo generator with limited features, paid plans for full features and downloads
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Looka Inc's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-07. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
looka.com