// Trust & Security Report
Taskade Inc.
Taskade is an AI-native workspace platform ("Taskade Genesis") combining real-time collaborative docs/tasks, AI agents, and no-code automation workflows, sold in Free/Pro/Business consumer-team tiers plus a separate Enterprise tier with SSO/SCIM/DPA.
Certifications held
1
Maturity
Growth
Trains on your data
No
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on taskade.com“CASA certified, meeting OWASP Application Security Verification Standard (ASVS) Level 2”
> Show 12 unconfirmed / not-held certifications
source: taskade.comCompliance efforts in progress. Current practices are designed to align with SOC 2 requirements but certification is not yet complete.
source: taskade.comSecurity management system aligned with international standards (certification in progress)
source: trust.taskade.comNo public evidence: not mentioned on Taskade's trust center, security page, or privacy policy.
source: trust.taskade.comNo public evidence: not mentioned on Taskade's trust center, security page, or privacy policy.
source: trust.taskade.comNo public evidence: not mentioned on Taskade's trust center, security page, or privacy policy.
source: trust.taskade.comNo public evidence: not mentioned on Taskade's trust center or security page. No AI-governance-specific certification is claimed.
source: taskade.comPractices designed to align with General Data Protection Regulation principles (full compliance in progress)
source: taskade.comPractices aligned with California Consumer Privacy Act requirements (compliance in progress)
source: trust.taskade.comNo public evidence: HIPAA is not mentioned anywhere on Taskade's trust center, security page, or privacy policy. No BAA is offered.
source: trust.taskade.comNo public evidence: not mentioned on Taskade's trust center or security page (payment processing is handled via a third-party processor, not disclosed as PCI DSS certified by Taskade itself).
source: trust.taskade.comNo public evidence: not mentioned on Taskade's trust center or security page.
source: trust.taskade.comNo public evidence: not mentioned on Taskade's trust center or security page.
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Offered
Data region
Primary infrastructure hosted on Amazon AWS in the US East region, with Cloudflare for content delivery; enterprise customers may be offered data residency preferences (specific alternate regions not disclosed).
Taskade's own privacy policy states: 'We do not use or access your data for developing, improving, or training generalized or non-personalized AI and/or machine learning models.' For third-party AI providers (OpenAI, Anthropic, Google) used within the product, Taskade states it contractually prohibits them from training general models on customer data but discloses it 'cannot guarantee third-party compliance and disclaim liability for provider practices beyond our reasonable control.' No tier-based contradiction found between the security page and privacy policy on this point.
// Security controls
Encryption at rest
Automated backups encrypted with AES-256; automation credentials stored in an encrypted vault (AES-256)
taskade.comEncryption in transit
Encrypted connections with SSL/TLS certificate validation; message-level encryption for document synchronization
taskade.comSSO / Identity
SAML 2.0 SSO integration, OAuth 2.0 and JWT token validation, multi-factor authentication (MFA) enforcement, SCIM 2.0 user provisioning
taskade.comAccess control
Row-level security (RLS) policies; unique network system authentication enforced; remote access encrypted; network firewalls utilized
trust.taskade.com// Products & data scope
data: Team workspace content, tasks, documents, chat; standard AWS US-East hosting
Core consumer/SMB product; no SSO/SCIM/DPA at these tiers per vendor security page.
data: Workspace data plus prompts/content passed to third-party model providers (OpenAI, Anthropic, Google) for inference
Taskade states it does not train its own models on customer data and contractually restricts third-party model providers from training on it, but cannot guarantee third-party compliance.
data: Same workspace data model with added identity and compliance controls
Adds SAML SSO, SCIM provisioning, MFA enforcement, and Data Processing Agreements; enterprise customers may get data residency preferences. This is the tier most relevant for compliance-conscious buyers.
// What to watch
- Vendor's own security page candidly discloses SOC 2 Type II, ISO 27001, GDPR, and CCPA are all 'in progress' / not yet certified as of this review - this is an honest disclosure, not an over-claim, but AIFOXX should not list these as held certifications.
- No independent (non-vendor) confirmation of any cert status was found via web search; assessment relies entirely on vendor's own trust center and security page self-attestation.
- HIPAA is not addressed at all (no BAA offering found) - treat as unsuitable for regulated health data workflows until stated otherwise.
- Third-party AI model providers (OpenAI, Anthropic, Google) are used for inference; Taskade's no-training guarantee for these providers is contractual, not independently verified, and vendor itself disclaims liability for third-party non-compliance.
- Trust center (trust.taskade.com) is a lightly-populated SafeBase-style page with most substantive detail redirecting to www.taskade.com/security; some trust center sections (Resources, Media) were sparse or crawler-inaccessible.
// At a glance
Pricing model
Freemium SaaS (Free / Pro / Business / Enterprise tiers), subscription-based
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Taskade Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
trust.taskade.com