// Trust & Security Report

    Stability AI, Inc. (Stability AI Ltd in EEA/UK/Switzerland; Stability AI US Services Corporation elsewhere) logo

    Stability AI, Inc. (Stability AI Ltd in EEA/UK/Switzerland; Stability AI US Services Corporation elsewhere)

    Stability AI's generative media stack built around the open-weight Stable Diffusion (and Stable Audio/Video/3D) model family: open-weight models under a Stability AI/Community License for self-hosting, a hosted Platform API, the enterprise-managed Brand Studio creative-production SaaS, and Cloud Platform integrations (e.g. AWS Bedrock)

    Certifications held

    4

    Maturity

    Growth

    Trains on your data

    Yes

    Trust center

    Yes

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    SOC 2 Type II
    HELD

    Compliance SOC 2 Type 2 Resources View all Security Frameworks Stability AI Inc. SOC 2 Type 2 Report

    Verify on trust.stability.ai
    SOC 3
    HELD

    Stability AI Inc. SOC 3 Report

    Verify on trust.stability.ai
    SOC 2 Type II / SOC 3 (independent corroboration)
    HELD

    Stability AI Achieves SOC 2 Type II and SOC 3 Compliance, Reaching New Industry Standard for Enterprise-Grade Security ... an independent third-party auditor assessed five trust service criteria: security, availability, processing integrity, confidentiality, and privacy.

    Verify on stability.ai
    GDPR (posture, not a certification)
    HELD

    Stability processes your personal data on servers located outside of the European Economic Area ("EEA"), Switzerland, and the UK, including processing your personal data in our servers in the US. ... We rely on the SCCs as approved by the European Commission under Article 46 GDPR (and their approved equivalent for the UK and Switzerland). ... the data controller responsible for your personal data is Stability AI Ltd [EEA/UK/CH] or Stability AI US Services Corporation [elsewhere].

    Verify on stability.ai
    > Show 6 unconfirmed / not-held certifications
    ISO 27001
    NOT CONFIRMED

    no public evidence: trust.stability.ai's Compliance section lists only 'SOC 2 Type 2' under Security Frameworks; no ISO 27001 certificate, badge, or report appears anywhere on stability.ai or trust.stability.ai

    source: trust.stability.ai
    HIPAA
    NOT CONFIRMED

    no public evidence: no HIPAA/BAA reference on the Trust Center or Privacy Policy. Third-party badge aggregators (e.g. Nudge Security) list Stability AI as 'HIPAA Compliant' but this is not corroborated on any stability.ai or trust.stability.ai page and should be treated as an unverified overclaim.

    source: trust.stability.ai
    PCI DSS
    NOT CONFIRMED

    no public evidence on vendor domain; payments are not a core product surface and no PCI mention appears on the Trust Center

    source: trust.stability.ai
    ISO/IEC 42001 (AI management systems)
    NOT CONFIRMED

    no public evidence: not listed among the Trust Center's Compliance/Security Frameworks (only SOC 2 Type 2 is listed there)

    source: trust.stability.ai
    CSA STAR
    NOT CONFIRMED

    no public evidence on vendor domain; third-party aggregators claim 'CSA Star Level 1 Compliant' but this is not shown on trust.stability.ai's own Compliance section

    source: trust.stability.ai
    FedRAMP
    NOT CONFIRMED

    no public evidence on vendor domain; not applicable, no FedRAMP marketplace listing or Trust Center reference found

    source: trust.stability.ai

    // Privacy & AI training

    Trains on customer data

    Yes

    Data processing agreement

    Not offered

    Data region

    Hosted products (Platform API, Brand Studio, Stable Assistant) process data on servers outside the EEA/UK/Switzerland, including in the US, per the Privacy Policy; cross-border transfer relies on Standard Contractual Clauses and Article 45 adequacy decisions. AWS is listed as a subprocessor hosting production environments and the HPC training cluster. Self-hosted/open-weight deployments keep all data inside the customer's own chosen environment.

    Privacy Policy lists model training as a processing purpose: 'to improve and develop our Services and conduct research, including to train and improve our models and develop new product features.' Training on Inputs/Outputs is opt-out, not opt-in: 'When we use your Inputs and Outputs to train our models, you can opt-out of our use of this personal data for these training purposes' (via the Privacy Center). It is not documented on any public vendor page whether Enterprise/Brand Studio contracts carry a different (no-training-by-default) term than the self-serve API/consumer apps; self-hosted open-weight Stable Diffusion usage never sends data to Stability at all, so this concern is moot for that deployment mode.

    // Security controls

    Encryption

    Trust Center product-security controls list 'Data encryption utilized' and infrastructure controls list 'Encryption key access restricted'; 'Portable media encrypted' listed under organizational security. No further detail (e.g. specific TLS/AES versions) published.

    trust.stability.ai

    Access control

    'Unique production database authentication enforced' and 'Unique account authentication enforced' listed under Infrastructure security controls.

    trust.stability.ai

    Penetration testing

    'Penetration testing performed' listed under Product security controls; a '2025 Penetration Test Executive Report' is listed as an available resource (access-gated).

    trust.stability.ai

    Vulnerability disclosure

    Public Vulnerability Disclosure Program (VDP) with a dedicated policy and contact security@stability.ai.

    trust.stability.ai

    Business continuity / disaster recovery

    'Continuity and Disaster Recovery plans established' and 'tested' listed under Internal security procedures controls.

    trust.stability.ai

    Cyber insurance

    'Cybersecurity insurance maintained' listed under Internal security procedures controls.

    trust.stability.ai

    Data retention & deletion

    'Data retention procedures established' and 'Customer data deleted upon leaving' listed under Data and privacy controls.

    trust.stability.ai

    Subprocessors (transparency)

    Public subprocessor list includes Amazon Web Services (cloud hosting / HPC training cluster), Thorn (CSAM-filtering tooling), Cinder (content-policy monitoring), and OpenRouter (used only if the optional 'AI Enhance Prompt' feature is used, routing to Mistral AI or DeepInfra).

    trust.stability.ai

    // Products & data scope

    Stable Diffusion / Stable Audio / Stable Video / Stable 3D (open-weight models)Open-weight generative AI models (self-hosted)

    data: None reaches Stability's infrastructure when run locally or in a customer-controlled environment; governed by the Stability AI Community License or a commercial Stability AI License, not the hosted Privacy Policy.

    Strongest data-control posture of the product family: since inference runs on infrastructure the customer controls, none of Stability's own SOC 2/SOC 3 boundary or training-opt-out concerns apply.

    Platform API (platform.stability.ai)Hosted generative-media API (image/video/audio/3D)

    data: Prompts and generated Inputs/Outputs processed on Stability-managed cloud infrastructure (partly AWS); governed by the general Privacy Policy; training on Inputs/Outputs is opt-out via the Privacy Center.

    Primary hosted product covered by the SOC 2 Type II / SOC 3 Trust Center scope.

    Brand Studio (Enterprise)Enterprise-managed creative-production SaaS

    data: Customer brand/creative assets processed within Stability's managed environment for marketing/production workflows.

    Marketed with 'indemnification, expert support, compliance' for enterprise deployment; falls within the same Trust Center coverage as the Platform API, but enterprise contract terms (e.g. training opt-out defaults, DPA) were not independently verifiable on public pages.

    Self-Hosted License / Cloud Platforms (e.g. AWS Bedrock)Self-managed or partner-cloud deployment

    data: Runs in the customer's own cloud/on-prem environment or via a partner cloud marketplace (e.g. Amazon Bedrock); data governance is inherited from that environment, not from Stability's own SOC 2 audit boundary.

    Buyers should not assume Stability's SOC 2/SOC 3 badge covers this deployment mode; the relevant certifications are the customer's own or the partner cloud's (e.g. AWS).

    // What to watch

    • Overclaim risk: third-party compliance-badge aggregator sites (e.g. Nudge Security) list Stability AI as HIPAA, PCI, ISO 27001, FedRAMP, and CSA STAR compliant. None of these are corroborated by Stability's own Trust Center, which as verified lists only SOC 2 Type II and SOC 3 under its Compliance section. Do not surface these extra badges from third-party sources.
    • Full SOC 2 Type II / SOC 3 / 2025 penetration test reports are gated behind a 'Request access' NDA-style portal on trust.stability.ai; report titles and the audited trust-service criteria are public, but the underlying PDFs (exact audit period, sub-service organizations, noted exceptions) could not be independently opened for this assessment.
    • No standalone Data Processing Addendum (DPA) page was found on any Stability AI public domain; enterprise/API customers likely need to request one via sales, but this could not be confirmed with a vendor-domain proof URL, so dpa is recorded as false/unconfirmed rather than true.
    • AI training default: the Privacy Policy states Inputs/Outputs are used to train models by default with an opt-out via the Privacy Center. Public pages do not clarify whether Enterprise/Brand Studio contracts carry a different (no-training) default from the self-serve API/consumer apps.
    • Self-hosted Stable Diffusion and Cloud Platform deployments (e.g. via AWS Bedrock) sit outside Stability's own SOC 2/SOC 3 audit boundary; the customer inherits their own or the partner cloud's security posture in those modes, not Stability AI's certifications.

    // At a glance

    Pricing model

    Freemium consumer apps (e.g. Stable Assistant) plus usage-based Platform API credits, custom Enterprise Brand Studio plans, and Self-Hosted License fees

    Self-hostable

    Yes

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Stability AI, Inc. (Stability AI Ltd in EEA/UK/Switzerland; Stability AI US Services Corporation elsewhere)'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    trust.stability.ai

    > Browse all vendor trust reports