// Trust & Security Report

    Vidnoz Inc. logo

    Vidnoz Inc.

    Vidnoz AI video generation platform (AI avatars, voice cloning, video translation) plus a suite of free online AI media tools

    Certifications held

    2

    Maturity

    Growth

    Trains on your data

    Unknown

    Trust center

    No

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    ISO/IEC 27001:2022
    HELD

    ISO/IEC 27001:2022 Compliant. Vidnoz strictly adheres to ISO 27001 requirements, systematically examining the existing security risks and taking measures to ensure the highest level of protection for user data globally. [Vendor announcement, verbatim:] 'Vidnoz, an innovative AI tool platform, proudly announces its successful ISO/IEC 27001:2022 certification. ... To obtain ISO/IEC 27001:2022 certification, Vidnoz underwent a detailed and strict audit process ... a third-party audit team verified the company's robust security controls, including Vidnoz's intrusion prevention systems.'

    Verify on vidnoz.com
    GDPR (regulatory posture, not a certification)
    HELD

    Depending on the country in which you are located, we will only process your Personal Information based on a valid legal ground. ... Users may request to export personal data ... Users may request deletion ... Appeals: Users may appeal deletion or processing decisions via privacy@vidnoz.com.

    Verify on vidnoz.com
    > Show 2 unconfirmed / not-held certifications
    SOC 2 (Type I/II)
    NOT CONFIRMED

    No SOC 2 claim found on any Vidnoz page, press release, or policy document.

    source: vidnoz.com
    HIPAA
    NOT CONFIRMED

    No HIPAA compliance is claimed. (A university customer testimonial references medical-student teaching, but Vidnoz makes no HIPAA / BAA representation.)

    source: vidnoz.com

    // Privacy & AI training

    Trains on customer data

    Not stated

    Data processing agreement

    Not stated

    Data region

    unknown

    Vidnoz's main Privacy Policy (Last Update March 2026) and Terms (Oct 2024) do NOT explicitly say whether user Input/Output is used to train AI models. The Terms grant Vidnoz a broad license to 'access, use, host, cache, store, reproduce, transmit, display, publish, distribute, and modify for technical purposes Your Content but solely as required to be able to operate, improve, promote and provide the Services,' and the Privacy Policy says data is used 'to develop new products, services, features, and functionalities' and that aggregated/de-identified data is used 'to improve and add features.' Third-party summaries claim Vidnoz 'does not use user input data for AI training unless users voluntarily submit specific content (e.g. custom Avatar Lite/Pro or Voice Clones),' but this no-train statement could NOT be confirmed verbatim on a Vidnoz-owned page during this review, so it is treated as unverified. Net: ambiguous. Note Vidnoz processes biometric-grade data (face images for custom avatars, voice samples for voice cloning), which raises the sensitivity of this open question.

    // Security controls

    Encryption (in transit and at rest)

    Claimed: 'We implement appropriate physical, electronic, and managerial measures to protect user data, including encryption in transit and at rest, access controls, principle of least privilege, employee training, logging, and periodic security assessments.'

    vidnoz.com

    Periodic security assessments / third-party audit

    Privacy policy cites 'periodic security assessments.' ISO 27001 press release states 'a third-party audit team verified the company's robust security controls, including Vidnoz's intrusion prevention systems.' No dedicated penetration-test report or attestation published.

    prnewswire.com

    Bug bounty program

    None found. No HackerOne, Bugcrowd, or self-managed VDP/bug-bounty page located.

    vidnoz.com

    SSO

    Single sign-on across Vidnoz services advertised: 'With one account and a single login, you can securely access all AI services offered by Vidnoz.' Social/SSO login via Google, LinkedIn, Facebook, Microsoft.

    vidnoz.com

    Data retention & deletion

    Documented retention schedule by user/product type; deletion requests via privacy@vidnoz.com processed within a 72-hour target after identity verification; unregistered-user content auto-deleted after 7 days; backups may persist 30-90 days. Content generation monitored via 'automated detection and, if necessary, human review.'

    vidnoz.com

    Hosting infrastructure

    Vendor claims 'world-class server technology' and 'multi-layered security measures.' Third-party summaries cite AWS hosting, but this was not confirmed on a Vidnoz-owned page (treated as unverified).

    vidnoz.com

    // Products & data scope

    Vidnoz AIAI video generator (avatars, templates, voiceover)

    data: Account info, user input (text/scripts/images/video), generated Output. Free users 500MB storage retained while active; Pro unlimited. Inactive free accounts (>1 month) may be cleaned.

    Core consumer/SMB product. Free tier with daily credits, no card required.

    Custom AI Avatar / Expressive Avatar & Voice CloneBiometric AI (face/likeness + voice replication)

    data: Processes facial images and voice samples to create a digital twin / cloned voice. Biometric-grade personal data.

    Highest-sensitivity data path. Whether these voluntarily-submitted samples feed model training is the key unresolved question for procurement.

    Vidnoz AI Video TranslatorVideo localization / dubbing with lip-sync (140+ languages)

    data: Source video, audio, scripts. Same retention tiers as Vidnoz AI.

    Used by academic/enterprise customers for localization.

    Vidnoz Gen / Vidnoz VoiceGenerative media tools (image/video gen, AI voice/TTS)

    data: Unregistered/anonymous session content retained 7 days then auto-deleted; free registered 500MB; Pro unlimited.

    Distinct retention rules for anonymous users vs. Vidnoz AI.

    Vidnoz FlexVideo messaging / recording, hosting & sharing (sales/business)

    data: Recorded video, screen captures, sharing links, viewer engagement.

    Has a separate 'Vidnoz Flex Plan'; oriented to sales/communication use cases.

    Free Online AI ToolsTalking photo, face swap, headshot, background remover, voice changer, video enhancer, etc.

    data: Often usable without an account; uploaded media for one-off processing. The legacy 'ai-privacy-policy.html' states for face tools: 'We do not collect face data, nor do we share data with third parties. We just use photos with faces for talking.'

    Lower-friction consumer funnel; multiple narrowly-scoped tools.

    For Business / EnterpriseTeam & enterprise plans

    data: Customized services for businesses; 'Book a Demo' and Enterprise agreements (refunds do not apply to Enterprise agreements).

    Enterprise tier exists but has no separately published security/DPA documentation found in this review.

    // What to watch

    • ISO/IEC 27001:2022 is announced by the vendor on its own news page (https://www.vidnoz.com/news/20250108.html, Jan 8 2025) which explicitly states a 'successful ISO/IEC 27001:2022 certification' obtained via a 'detailed and strict audit process' by a 'third-party audit team', and the announcement was syndicated through Cision/PR Newswire to multiple outlets (Yahoo Finance, Manila Times, AAP, etc.). The claim is therefore better-supported than a bare marketing line. However, the issuing registrar/certification body is not named and no certificate document or accredited public-registry entry was located, so badge as 'vendor-reported' rather than independently verified.
    • No dedicated trust center, security portal, or downloadable compliance documents (SOC 2 / pen-test letter) - security claims are marketing-section and policy-text only.
    • Critical open question: whether customer Input (including biometric face images and cloned voice samples) is used to train Vidnoz models. Main Privacy Policy and Terms are ambiguous; a third-party 'no training unless voluntary' claim could not be confirmed on a Vidnoz-owned page.
    • Biometric/likeness processing (custom avatars, voice cloning) is a high-sensitivity data category with no published biometric-data or BAA/DPA addendum found.
    • Governing law is Hong Kong (Vidnoz Inc.); data residency / cross-border transfer specifics not disclosed.
    • No bug bounty / VDP program found.
    • AWS hosting and explicit GDPR/CCPA compliance appear only in third-party summaries, not confirmed verbatim on vendor pages.

    // At a glance

    Pricing model

    Freemium: free tier with daily credits (no card required), paid Pro plans per product (Vidnoz AI Plan, Vidnoz Flex Plan), plus custom Enterprise agreements.

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Vidnoz Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    vidnoz.com

    > Browse all vendor trust reports