// Trust & Security Report

    Perplexity AI, Inc. logo

    Perplexity AI, Inc.

    AI answer engine / conversational search (consumer, Pro/Max, Enterprise, and API)

    Certifications held

    6

    Maturity

    Enterprise

    Trains on your data

    Yes

    Trust center

    Yes

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    SOC 2 Type 2
    HELD

    Compliance: SOC 2 ... Compliance: SOC 2 Type 2 Report

    Verify on trust.perplexity.ai
    HIPAA
    HELD

    Compliance: ... HIPAA ... HIPAA Gap Assessment Final.pdf

    Verify on trust.perplexity.ai
    GDPR
    HELD

    Compliance: ... GDPR ... Data Privacy Compliance Memo

    Verify on trust.perplexity.ai
    PCI DSS (SAQ A)
    HELD

    Compliance: ... PCI DSS - SAQ A ... PCI-DSS_2026.pdf

    Verify on trust.perplexity.ai
    FedRAMP 20x Low
    HELD

    Trust Center lists 'FedRAMP 20x: Perplexity AI: FedRAMP 20x Low Information ... Perplexity AI FedRAMP 20x Low OAR - 2026 Q1.docx'. FedRAMP Marketplace lists 'Perplexity Enterprise Pro for Government' as FedRAMP Authorized at the 20x Low impact level, status 'FedRAMP Certified' effective 'As of 2/1/2026'.

    Verify on fedramp.gov
    CSA CAIQ / VSA self-assessment
    HELD

    Self Assessments: CAIQ Lite (March 2026) ... VSA CORE (March 2026)

    Verify on trust.perplexity.ai
    > Show 1 unconfirmed / not-held certifications
    ISO 27001
    NOT CONFIRMED

    Not listed among the compliance frameworks on the Trust Center (which shows SOC 2, HIPAA, GDPR, PCI DSS - SAQ A, FedRAMP 20x).

    source: trust.perplexity.ai

    // Privacy & AI training

    Trains on customer data

    Yes

    Data processing agreement

    Offered

    Data region

    US-hosted (AWS / Amazon Bedrock, US subprocessors). No public self-serve EU data residency option found.

    Consumer tiers (Free, Pro, Max) have 'AI Data Retention' ENABLED BY DEFAULT, meaning queries may be used to train/improve Perplexity's models unless the user opts out via Account Settings > Preferences (opt-out applies to future data only). Enterprise and Enterprise Pro/Max are the opposite: organization data is never used to train or fine-tune Perplexity's models, and contracts with third-party model providers prohibit them from training on customer data. So default training behavior depends entirely on the product tier.

    // Security controls

    Penetration testing

    Performed; report available via Trust Center under Resources

    trust.perplexity.ai

    Bug bounty / VDP

    Private bug bounty on Bugcrowd plus a public Vulnerability Disclosure Program; AI-model issues (hallucination, jailbreak, prompt extraction) out of scope

    bugcrowd.com

    Encryption

    Data encryption utilized; encryption key access restricted; portable media encrypted (per Trust Center controls)

    trust.perplexity.ai

    Access control

    Unique production database authentication enforced; unique account authentication enforced

    trust.perplexity.ai

    Resilience

    Continuity and Disaster Recovery plans established and tested; cybersecurity insurance maintained

    trust.perplexity.ai

    Subprocessors

    AWS, Amazon Bedrock, Anthropic, Airbyte (all US) listed publicly

    trust.perplexity.ai

    // Products & data scope

    Perplexity (Free)Consumer AI search

    data: Queries collected; AI Data Retention ON by default (used for model training unless opted out)

    Lowest privacy tier; opt-out available but default-on training.

    Perplexity Pro / MaxConsumer/prosumer subscription

    data: Same default-on AI Data Retention as Free; user can disable training in settings

    Paid does not automatically mean no-training; opt-out toggle still required.

    Perplexity Enterprise / Enterprise Pro / MaxTeam/enterprise SaaS

    data: Org data never used for AI training; uploaded files auto-deleted after 7 days; SSO/admin controls; DPA available

    Strongest data protection tier; covered by SOC 2, HIPAA, DPA.

    Perplexity API (Sonar)Developer API

    data: API request data governed by API/enterprise terms; per docs not used to train Perplexity models

    Separate commercial terms from consumer app.

    // What to watch

    • Tier-dependent training: consumer tiers train on data BY DEFAULT (opt-out required); Enterprise does not train. Directory must not present a single training answer.
    • FedRAMP 20x Low is a finalized authorization: 'Perplexity Enterprise Pro for Government' is listed on the FedRAMP Marketplace (FR2604643715) as FedRAMP Authorized at the 20x Low impact level effective 2/1/2026. This authorization scope is the government enterprise offering, not the consumer app.
    • No ISO 27001 listed (confirmed absent from Trust Center and corroborated by third-party trust trackers; no public ISO 27001 or ISO/IEC 42001).
    • HIPAA is listed as a compliance framework but the only supporting artifact is a 'HIPAA Gap Assessment'; HIPAA-compliant use is scoped to Enterprise plans with an executed Business Associate Agreement (BAA), not consumer or API tiers.

    // At a glance

    Pricing model

    Freemium subscription (Free, Pro, Max) plus Enterprise seats and usage-based API (Sonar)

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Perplexity AI, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    trust.perplexity.ai

    > Browse all vendor trust reports