// Trust & Security Report
Text United GmbH
OnePlatform translation management system (TMS): tiered from Self-Service FREE and Self-Service TEAM (individual/small team, self-serve MT + human review) up to OnePlatform (API integrations, SSO, automated workflows) and OneEnterprise (custom, supervised AI translation workflow, dedicated language AI engineering, model allowlisting, audit trails).
Certifications held
1
Maturity
Growth
Trains on your data
Unknown
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on textunited.com“"Text United GmbH, Attemsgasse 7 / D20, 1220 Vienna" is named as data Controller for site data; the Privacy Policy names a Data Protection Officer (Marek Piorkowski) and states "Our Data Processing Agreement is here" (linked), and outlines standard EU data-subject rights (access, rectification, erasure, portability). This is a compliance posture statement from an EU-domiciled (Austria) controller, not a third-party certification.”
> Show 8 unconfirmed / not-held certifications
source: textunited.comNo public evidence. No trust center, security page, or SOC 2 mention found on textunited.com privacy policy, terms & conditions, technology page, or blog. The company states it runs 'Enterprise-grade protection with secure IBM Cloud infrastructure' and is an 'IBM Silver Partner' - IBM Cloud itself holds SOC 2, but that is the host's certification, not Text United GmbH's own.
source: textunited.comNo public evidence of Text United holding ISO 27001 itself. A blog post makes only a generic, unattributed reference - 'ISO certifications reinforce this foundation with external audits and standardized security practices' - without naming a specific standard, certificate number, or auditor tied to Text United. This reads as vague marketing language, not a verifiable claim.
source: textunited.comno public evidence; no mention of HIPAA, BAAs, or healthcare-specific compliance anywhere on textunited.com
source: textunited.comno public evidence; not applicable/mentioned on vendor site
source: textunited.comno public evidence found on vendor domain
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Offered
Data region
Vendor is EU-domiciled (Vienna, Austria); a blog comparison table lists TextUnited's content residency as 'Defined, often EU-based' but a pricing-page FAQ ('What if my company requires EU-only data residency?') suggests EU-only residency is not guaranteed by default across all tiers and may require special arrangement. Hosting runs on IBM Cloud infrastructure (IBM Silver Partner).
Contradiction found between marketing copy and contractual terms. A vendor blog post states plainly: 'We never use your technical documents or terminology to train any AI models, period' and 'A guarantee that your data will never be used to train third-party AI models.' However, Section 2.5.4 of the live Terms & Conditions states: 'While the AI models are designed to learn and adapt based on the language data provided by the Licensee, the underlying algorithms and core functionality of the AI models remain the proprietary property of TextUnited' - implying the system does adapt/learn from customer terminology and translation memory within the product (standard TMS behavior), which sits in tension with the blog's absolute 'never, period' claim. Could not resolve whether the T&Cs clause refers only to in-account translation-memory personalization (not training a shared/foundation model) - this needs vendor confirmation before being surfaced as a firm claim.
// Security controls
Encryption in transit
Claimed: TLS 1.2+ for communication between user and TMS; a separate blog post claims 'End-to-end encryption for all data at rest and in transit.' No certification or third-party audit backs this claim.
textunited.comEncryption at rest
Claimed: AES-256, per marketing copy ('All data is secured with AES-256 encryption, hosted on IBM Cloud'). Not independently verified.
textunited.comAccess control
Role-based access control described; Single Sign-On (SSO) and two-factor authentication (2FA) offered on OnePlatform/OneEnterprise tiers.
textunited.comAudit trails
Vendor states audit trails track user actions, timestamps, revision histories, and file movements; model allowlisting and audit trails called out as OneEnterprise governance features.
textunited.comHosting infrastructure
Runs on IBM Cloud; vendor is described as an 'IBM Silver Partner.' IBM Cloud's own certifications (e.g. SOC 2, ISO 27001) belong to IBM as the host, not to Text United GmbH as the application vendor.
textunited.com// Products & data scope
data: 15,000 words/mo, 1 user
Entry tier, self-serve machine translation with limited review controls.
data: 100,000 words/mo, 10 users
Adds team collaboration; no SSO or API noted at this tier.
data: 500,000 words/mo, unlimited users
Adds API and integrations, automated workflows, and SSO.
data: Unlimited usage, custom pricing
Adds supervised AI translation workflow, dedicated language AI engineering, model allowlisting, and audit trails - the tier where governance claims concentrate, though none are backed by a named third-party certification.
// What to watch
- No trust center or dedicated security/certifications page found on textunited.com - all security claims live in marketing blog posts and FAQ headers, not a verifiable compliance document.
- Host-vs-vendor ambiguity: IBM Cloud infrastructure and 'IBM Silver Partner' status are repeatedly used to imply strong security, but IBM's own certifications are not Text United GmbH's certifications.
- Unresolved contradiction between a blog claim of 'never, period' training on customer data and Terms & Conditions Section 2.5.4 language that AI models 'are designed to learn and adapt based on the language data provided by the Licensee' - needs vendor clarification before either claim is surfaced as settled fact.
- Pricing-page FAQ answers to 'Who can see our content? Is it secure?' and 'Is my data used to train public AI models?' are rendered client-side (accordion) and were not retrievable as text during this review - a follow-up manual check of the live pricing page is recommended.
- No SOC 2, ISO 27001, or HIPAA evidence anywhere on the vendor's own domain; do not display any of these badges for this vendor.
// At a glance
Pricing model
Tiered SaaS subscription (word-volume + seat based) from free through custom enterprise pricing (OneEnterprise).
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Text United GmbH's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-09. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
textunited.com