// Trust & Security Report

    Together AI, Inc. logo

    Together AI, Inc.

    Together AI Cloud: full-stack AI infrastructure spanning Serverless Inference, Batch Inference, Dedicated Model/Container Inference, GPU Clusters (Compute, incl. H100/H200/B200/GB200), fine-tuning and model shaping (post-training), and research tooling.

    Certifications held

    3

    Maturity

    Growth

    Trains on your data

    No

    Trust center

    Yes

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    SOC 2 Type II
    HELD

    Compliance: SOC 2 ... Resources: SOC 2 Type 2 / SOC 2 Type 2 Report ... Updated SOC 2 Type Report - Published June 17, 2026 - The latest SOC 2 Type 2 report is now available.

    Verify on trust.together.ai
    ISO/IEC 27001:2022
    HELD

    Compliance: ISO 27001:2022 ... Resources: ISO 27001:2022 / ISO 27001:2022 Certificate ... Announcing ISO 27001:2022 Certification - Published May 29, 2026 - I am very pleased to announce that Together AI is officially ISO 27001:2022 certified!!!

    Verify on trust.together.ai
    GDPR (posture / DPA)
    HELD

    Trust Center resources list: 'DPA / Data Processing Addendum'. Privacy Policy: 'If you are located in the European Economic Area (the "EEA"), Switzerland, or the United Kingdom (the "UK"), our legal basis for collecting and using the Personal Data described in this Policy will depend on the personal data concerned and the specific context in which we collect it.'

    Verify on trust.together.ai
    > Show 5 unconfirmed / not-held certifications
    HIPAA
    NOT CONFIRMED

    DISPUTED: A vendor blog post claims 'Together AI adheres to the stringent requirements of HIPAA, including data encryption in transit and at rest, audit logging, and strict business associate agreements (BAAs) with our partners' (together.ai/blog/soc-2-compliance), but the authoritative Trust Center's 'Compliance' section lists only SOC 2 and ISO 27001:2022 (no HIPAA badge/report), and the current Terms of Service explicitly prohibit customers from submitting such data: 'You will not use the Services to transmit or provide to the Company any financial or medical information of any nature or any sensitive personal data...' No BAA template, HIPAA attestation, or BAA program page was found on the vendor's own domain.

    source: together.ai
    PCI DSS
    NOT CONFIRMED

    No public evidence. Payment processing is handled by subprocessor Stripe (listed in Trust Center subprocessors); no PCI DSS attestation for Together AI itself found on vendor domain.

    source: trust.together.ai
    ISO/IEC 42001 (AI management system)
    NOT CONFIRMED

    No public evidence. Not listed in Trust Center compliance section or resources, and no mention found elsewhere on the vendor's own domain.

    source: trust.together.ai
    CSA STAR
    NOT CONFIRMED

    No public evidence on vendor's own domain. (A third-party aggregator page made an unsupported claim of 'CSA Star Level 1' but this could not be corroborated on together.ai or trust.together.ai and is disregarded per source rules.)

    source: trust.together.ai
    FedRAMP
    NOT CONFIRMED

    No public evidence on vendor's own domain. Not listed in Trust Center or on together.ai.

    source: trust.together.ai

    // Privacy & AI training

    Trains on customer data

    No

    Data processing agreement

    Offered

    Data region

    Trust Center subprocessor list shows Amazon Web Services (hosting/cloud infrastructure, USA) as the primary infrastructure subprocessor; Google Workspace (global), Okta (USA), Stripe (USA) also listed. Dedicated GPU cluster deployments are separately marketed across multiple global data-center locations for enterprise compute contracts, but no formal per-region data-residency guarantee for the inference/API product was found on the vendor's trust materials; enterprise customers should confirm residency terms contractually.

    Privacy Policy states: 'We do not use any data collected from you to train our models without your explicit opt-in and consent... Data that we collect, including your Personal Data, will not be used to train the Company's models without your explicit opt-in and consent.' A Zero Data Retention (ZDR) setting is also offered: under ZDR, submitted content and outputs 'are not stored, retained, or used for model training, product improvements, or any secondary purposes except as needed to provide the Services.' Net posture: training requires opt-in consent; ZDR is an additional stricter mode for customers who want no retention at all.

    // Security controls

    Encryption in transit

    Product security control listed: 'Data transmission encrypted'.

    trust.together.ai

    Background checks / org security

    Organizational security controls: employee background checks performed, code of conduct acknowledged and enforced, anti-malware technology utilized.

    trust.together.ai

    Penetration testing

    Product security control listed: 'Penetration testing performed' and 'Control self-assessments conducted'.

    trust.together.ai

    Infrastructure security

    Controls listed include unique production database authentication enforced, unique account authentication enforced, key management, plus 34 additional infrastructure security controls (not individually itemized on the summary page).

    trust.together.ai

    Data retention / deletion

    Controls listed: data retention procedures established, customer data deleted upon leaving, data classification policy established.

    trust.together.ai

    Business continuity

    Controls listed: continuity and disaster recovery plans established, cybersecurity insurance maintained, configuration management system established.

    trust.together.ai

    // Products & data scope

    Serverless InferenceManaged API inference for open-source/frontier models

    data: Prompts/outputs processed via Together's hosted API; covered by opt-in training policy and optional ZDR.

    The fastest way to run open-source models on demand, no infrastructure to manage.

    Batch InferenceBulk/offline inference API

    data: Same data-handling posture as serverless inference (opt-in training, optional ZDR).

    For large-volume, non-real-time workloads.

    Dedicated Model Inference / Dedicated Container InferenceReserved, single-tenant model endpoints

    data: Dedicated compute instance for the customer; isolated from shared multi-tenant serving.

    Aimed at enterprise customers needing predictable performance and isolation.

    GPU Clusters (Compute)On-demand and reserved GPU infrastructure (H100/H200/B200/GB200)

    data: Customer-managed workloads on leased GPU clusters; broader data scope determined by customer's own use, not Together's model-serving stack.

    Marketed for training, fine-tuning, and large-scale AI workloads; separate compliance posture from the inference API since customers control the workload.

    Fine-tuning / Model ShapingCustom model training and post-training

    data: Customer-provided training data processed under the same privacy policy (opt-in consent required for use beyond providing the service).

    Positioned for teams building custom or domain-tuned models.

    // What to watch

    • OVER-CLAIM / CONTRADICTION: A Together AI blog post (together.ai/blog/soc-2-compliance) claims HIPAA adherence and BAAs with partners, but the vendor's own Trust Center compliance list omits HIPAA entirely, and the current Terms of Service explicitly forbid customers from submitting medical or financial information. Graded HIPAA held=false and flagged for advisor review; AIFOXX should not display a HIPAA badge for this vendor without direct vendor confirmation of an active BAA program.
    • Third-party aggregator content (a security-profile SEO site) claimed Together AI is also 'FedRAMP compliant' and 'CSA Star Level 1 compliant' with no vendor-domain corroboration found; these claims were rejected per the vendor-domain-only evidence rule and are not reflected as held certifications.
    • SOC 2 report, ISO 27001 certificate, and DPA are gated behind a 'Request access' flow on the Trust Center; only the summary/attestation text (not full report contents) was directly verifiable.
    • No explicit per-region data-residency commitment was found for the shared inference API product (only for dedicated GPU cluster contracts); enterprise buyers with residency requirements should confirm contractually.

    // At a glance

    Pricing model

    Usage-based API/compute pricing plus reserved/dedicated and enterprise contracts via sales ("Contact Sales").

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Together AI, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    trust.together.ai

    > Browse all vendor trust reports