// Trust & Security Report

    EZML Technologies Private Limited (Predis.ai) logo

    EZML Technologies Private Limited (Predis.ai)

    AI ad/creative generator and social media content suite: static and video ad creatives, UGC-style product ads, multi-platform post generation, and scheduling/auto-posting, offered on Core (individual), Rise (growing teams/agencies), and Enterprise+ plans, plus a separate developer API.

    Certifications held

    1

    Maturity

    Growth

    Trains on your data

    Unknown

    Trust center

    No

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    GDPR (posture, not a certification)
    HELD

    "If you are an individual from the European Economic Area (EEA), our legal basis for information collection and use depends on the personal information concerned and the context... Predis undertakes to provide you the same rights no matter where you choose to live." Also: "We do not sell any personal information" and customers can "request a GDPR-compliant Data Processing Addendum."

    Verify on predis.ai
    > Show 6 unconfirmed / not-held certifications
    SOC 2 (Type 1/2)
    NOT CONFIRMED

    No public evidence. No trust center, security page, or SOC 2 mention found on predis.ai (homepage, privacy policy, terms & conditions, CCPA notice, or LLM-info page).

    source: predis.ai
    ISO 27001
    NOT CONFIRMED

    No public evidence. Not mentioned anywhere on the vendor domain.

    source: predis.ai
    ISO/IEC 42001 (AI management system)
    NOT CONFIRMED

    No public evidence. Not mentioned anywhere on the vendor domain.

    source: predis.ai
    CSA STAR
    NOT CONFIRMED

    No public evidence. Not mentioned anywhere on the vendor domain.

    source: predis.ai
    HIPAA
    NOT CONFIRMED

    No public evidence. Not mentioned in privacy policy or terms; product is a marketing/ad-creative tool not positioned for PHI use, and no BAA is offered.

    source: predis.ai
    PCI DSS
    NOT CONFIRMED

    No public evidence. Payments are described only as 'non-refundable'; no PCI DSS statement found. Card processing is presumably handled by a third-party payment processor, not disclosed on-site.

    source: predis.ai

    // Privacy & AI training

    Trains on customer data

    Not stated

    Data processing agreement

    Offered

    Data region

    Per the privacy policy: data is processed and stored in the United States, the European Economic Area (EEA), and other countries where Predis operates, transferred under EU Standard Contractual Clauses (referred to on-site as 'EU Model Contractual Clauses'). A third-party (non-vendor-domain) source claimed EU/Frankfurt-only hosting for 'hosted plans,' but this could not be confirmed on predis.ai itself, so it is not treated as verified fact here.

    Privacy policy states "We do not share your information with any third party Creative Generation AI models or any third party AI Tools," but separately lists a data-use purpose "to monitor and enhance the performance of our inhouse AI models." This is ambiguous: it rules out sending personal data to third-party model providers but does not clearly confirm or deny whether user prompts/uploaded content/generated outputs are used to train Predis's own in-house models, and no explicit customer opt-out mechanism for this was found. Flagged for advisor follow-up.

    // Security controls

    Administrative/technical/physical safeguards

    "We have taken steps to implement appropriate administrative, technical & physical safeguards to prevent unauthorized access, use, modification, disclosure or destruction." No specifics (e.g. encryption algorithm, key management) are disclosed.

    predis.ai

    Encryption in transit/at rest

    Not specified in vendor-domain sources. A non-vendor-domain source described generic 'encryption, regular backups, and strict privacy protocols' but this could not be verified on predis.ai itself.

    Data retention

    Active account data deleted within 6 months of account termination; backup data deleted within 3 months after active deletion.

    predis.ai

    Data sale

    "We do not sell any personal information."

    predis.ai

    Liability for data loss/breach

    Terms disclaim guarantees: service not warranted error-free or virus-free, and "we do not guarantee that... loss of data will not occur." Total liability capped at the greater of fees paid or $100.

    predis.ai

    Account security responsibility

    "You are responsible for the security of Your passwords and for any use of Your account." No mention of SSO/2FA/enterprise IdP support.

    predis.ai

    // Products & data scope

    CoreIndividuals & small teams

    data: Prompts, product links/images, brand assets (1 brand), connected social channels (up to 10) for posting

    Entry tier; no auto-posting; standard generation speed; API access included per pricing page.

    RiseGrowing businesses & agencies

    data: Same data types as Core across up to 4 brands, 20 connected channels, competitor-analysis data ingestion

    Most popular tier; adds auto-posting and API access.

    Enterprise+Organization-wide scale

    data: Unlimited brands, up to 60 connected channels, 600 competitor runs/month

    No public evidence of enterprise-specific security add-ons (e.g. SSO, dedicated tenancy, custom DPA terms) beyond the standard DPA-on-request; buyers should request these directly.

    Predis APIDeveloper / programmatic access

    data: Same generative pipeline invoked programmatically; product/brand data submitted via API calls

    Documented at predis.ai/resources/predis-api/; no separate security documentation found for the API surface.

    // What to watch

    • No evidence of SOC 2, ISO 27001, ISO 42001, CSA STAR, HIPAA, or PCI DSS anywhere on the vendor domain — all graded held=false as 'no public evidence,' not confirmed absence via an explicit vendor denial.
    • AI-training posture is ambiguous and internally inconsistent: policy denies sharing data with third-party AI models but separately says data is used 'to monitor and enhance the performance of our inhouse AI models,' with no visible opt-out. Needs direct vendor confirmation before being stated as fact in a listing.
    • A non-vendor-domain source claimed EU/Frankfurt-only data hosting for 'hosted plans' that could not be corroborated on predis.ai; excluded from verified facts to avoid fabrication.
    • Legal entity (EZML Technologies Private Limited, India) confirmed via the vendor's own site footer copyright line plus independent corporate registries (Tracxn, ClearTax, ZaubaCorp) — identity is not in question, but this is a small, India-based private company, not a large enterprise vendor, despite marketing claiming '6.4M+ users.'

    // At a glance

    Pricing model

    Subscription tiers (Core/Rise/Enterprise+) priced on monthly AI-generation credits, with annual discount (~40-50% off) and paid add-ons (extra brands, social channels, credits)

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on EZML Technologies Private Limited (Predis.ai)'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-07-08. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    predis.ai

    > Browse all vendor trust reports