// Trust & Security Report
Veed Limited
Browser-based AI video creation and editing platform (VEED) — includes the core web video editor, AI subtitles/dubbing/avatars/image generation tools, a mobile app, an API, and a Business/Enterprise tier with additional legal and security terms
Certifications held
2
Maturity
Growth
Trains on your data
Yes
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on trust.veed.io“VEED has successfully completed its SOC 2 Type II audit for Security... The independent assessment, conducted by Prescient Assurance, evaluated the design and operating effectiveness of our controls between November 4, 2025 and February 4, 2026.”
Verify on support.veed.io“Yes, we comply with GDPR and the CPPA. We have users from all over the world and are therefore required to abide by local data privacy laws and regulations. We have incorporated the European SCC into our Data Processing Agreements (DPAs). DPAs are available for Enterprise plan customers.”
> Show 6 unconfirmed / not-held certifications
source: trust.veed.ioNo public evidence. Veed's own trust center (trust.veed.io) lists only 'SOC 2' under its Compliance section and its resource list (SOC-2 Type2 Report, penetration test reports, internal policies) contains no ISO 27001 certificate. Third-party badge-aggregator sites (e.g. nudgesecurity.com) claim VEED is 'ISO 27001 Compliant', but this is not corroborated anywhere on veed.io, support.veed.io, or trust.veed.io.
source: support.veed.ioVEED's Code of Conduct instructs users not to upload 'protected health information subject to the Health Insurance Portability and Accountability Act (HIPAA) or other information regarding an individual's medical history, mental or physical condition, or medical treatment or diagnosis by a health care professional.' No BAA is offered.
source: trust.veed.ioNo public evidence. Not listed on trust.veed.io, veed.io/security, or any support.veed.io article. Payment processing is handled by a third-party payment provider rather than being disclosed as an in-scope VEED control.
source: trust.veed.ioNo public evidence. Not mentioned anywhere on VEED's own domain; FedRAMP applies to US federal government cloud services and VEED is a UK-headquartered consumer/SMB SaaS product with no federal authorization listed.
source: trust.veed.ioNo public evidence. Not present on trust.veed.io's compliance or resources sections.
source: trust.veed.ioNo public evidence. VEED's trust center and security pages describe general infosec controls but do not reference an AI management system certification.
// Privacy & AI training
Trains on customer data
Yes
Data processing agreement
Offered
Data region
EU (Google Cloud Platform, europe-west1), per VEED's own security FAQ
VEED's privacy policy states it may use content from users on the Free subscription tier 'to develop or improve our Applications... This processing activity includes training and developing any relevant artificial intelligence models,' excluding content submitted via the mobile app. Free-tier users can object, but to actually stop the processing they must delete their account or upgrade to a paid subscription rather than toggle a simple opt-out while remaining on the free tier. Separately, VEED's AI-tools content policy states users 'own' their AI-generated images but grant Veed Limited the right to host them and 'use them to market and improve our products and services,' which is broader than pure model-training language.
// Security controls
Encryption in transit and at rest
Data is encrypted in transit and at rest using AES / TLS
support.veed.ioThird-party penetration testing
External security testing performed at least once every 12 months; a 2026 penetration test report and remediation status are published in the trust center
trust.veed.ioBusiness continuity / disaster recovery
Documented Business Continuity and Disaster Recovery Plan; controls list includes tested continuity/DR plans and cybersecurity insurance
trust.veed.ioSubprocessor disclosure
Public subprocessor list maintained on trust center (Cloudflare, Google Cloud Platform, Dolby, Cleanvoice, Sieve, plus Meta/TikTok for marketing analytics)
trust.veed.io// Products & data scope
data: User-uploaded video, audio and image content; account/profile data; usage analytics
Free-tier uploaded content may be used to train VEED's AI models unless the account is deleted or upgraded to paid; no DPA available at this tier.
data: User-uploaded video/audio content from mobile devices
Explicitly excluded from the AI-training data pool per the privacy policy, unlike the web product.
data: Same content types as the web editor, plus admin/org-level account data
Only tier where a Data Processing Agreement incorporating EU Standard Contractual Clauses is made available; SOC 2 Type II report accessible via trust center request.
data: Video/audio payloads submitted via API calls
Runs on the same underlying infrastructure and subprocessor list as the web product; no API-specific compliance documentation found.
// What to watch
- Third-party badge-aggregator sites (e.g. nudgesecurity.com) claim VEED holds ISO 27001, HIPAA, PCI DSS, FedRAMP, and CSA STAR certifications. None of these appear on VEED's own trust center, security page, or privacy/support articles, and VEED's Code of Conduct explicitly asks users not to upload HIPAA-regulated data - treat the aggregator's claims as unverified over-claims, not vendor-asserted facts.
- Free-tier user content is used by default to train VEED's AI models; opting out requires deleting the account or moving to a paid plan rather than a simple toggle, which is a meaningful privacy caveat for free-tier users.
- DPA / SCC coverage is limited to Enterprise-tier customers; Free and self-serve paid customers do not appear to have DPA access based on published documentation.
- VEED's AI-tools terms grant the company a broad, transferable license to host and use AI-generated user images to 'market and improve' its products, beyond what is strictly needed for model training disclosure.
// At a glance
Pricing model
Freemium SaaS subscription (Free, Lite/Pro paid tiers, and a Business/Enterprise tier with custom contracts)
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Veed Limited's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
trust.veed.io