// Trust & Security Report

    Wisecut (Wisecut, Inc. / entity per Customer Agreement Section 14, unconfirmed) logo

    Wisecut (Wisecut, Inc. / entity per Customer Agreement Section 14, unconfirmed)

    AI video editor that turns long-form video into short clips: highlight detection, auto captions/translation, storyboard editing, silence removal, smart background music. Tiers span Free, Starter/Starter+, Professional/Professional+, an 'Autopilot' agentic auto-clipping product, and a custom Enterprise plan.

    Certifications held

    0

    Maturity

    Startup

    Trains on your data

    Yes

    Trust center

    No

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    > Show 9 unconfirmed / not-held certifications
    SOC 2 (Type 1 or 2)
    NOT CONFIRMED

    No public evidence. No trust center exists; Privacy Notice and Customer Agreement only reference 'reasonable administrative, technical, and physical security measures' with no named framework or audit.

    source: wisecut.ai
    ISO 27001
    NOT CONFIRMED

    No public evidence. Not mentioned on privacy notice, customer agreement, acceptable use policy, or homepage.

    source: wisecut.ai
    GDPR (posture)
    NOT CONFIRMED

    The only GDPR-compliance statement found on the privacy notice is about the embedded Microsoft Clarity analytics tool ('Clarity is GDPR-compliant as a data controller'), not a statement Wisecut makes about itself as a data controller for its own processing. Wisecut's own text says personal information 'may be stored in or accessed from multiple countries, including the United States' with no GDPR mechanism (SCCs, EU rep, DPA) described.

    source: wisecut.ai
    HIPAA
    NOT CONFIRMED

    No public evidence. Acceptable Use Policy and Privacy Notice do not mention HIPAA, BAAs, or healthcare data handling.

    source: wisecut.ai
    PCI DSS
    NOT CONFIRMED

    No public evidence; payments are almost certainly outsourced to a third-party processor but no PCI statement is published.

    source: wisecut.ai
    ISO 27017 / 27018 / 27701
    NOT CONFIRMED

    No public evidence found on any vendor-owned page.

    source: wisecut.ai
    ISO/IEC 42001 (AI management system)
    NOT CONFIRMED

    No public evidence. No AI-governance certification is referenced anywhere on the site.

    source: wisecut.ai
    CSA STAR / CSA STAR for AI
    NOT CONFIRMED

    No public evidence found on any vendor-owned page.

    source: wisecut.ai
    FedRAMP
    NOT CONFIRMED

    No public evidence; not applicable, this is a consumer/SMB video tool with no government-authorization claims.

    source: wisecut.ai

    // Privacy & AI training

    Trains on customer data

    Yes

    Data processing agreement

    Not offered

    Data region

    Privacy Notice states personal information 'may be stored in or accessed from multiple countries, including the United States.' No specific data-residency guarantee (e.g. EU-only storage) is offered.

    The Customer Agreement contains an explicit consent clause: users 'consent to our use of Your Content and any associated data to train and improve our artificial intelligence models,' with a stated commitment that Wisecut 'will not publicly share such content' during that process. No opt-out mechanism, no tier-based exception (e.g. Enterprise opt-out), and no separate AI-specific policy page were found on any vendor-owned page, so this appears to apply uniformly across plans including paid tiers. This is a material disclosure AIFOXX should surface to buyers.

    // Security controls

    Named security certifications

    None published. Only generic language: 'reasonable administrative, technical, and physical security measures.'

    wisecut.ai

    Data Processing Agreement (DPA)

    No DPA page or downloadable DPA found on the vendor's own domain. Not addressed in the Customer Agreement or Privacy Notice.

    wisecut.ai

    Content/data retention

    Free accounts: projects expire after 7 days (may be deleted if inactive 30 days). Starter/Starter+/Professional/Professional+: 30-day project retention.

    wisecut.ai

    AI training on customer content

    Explicit consent clause in Customer Agreement; no stated opt-out.

    wisecut.ai

    Analytics / third-party tracking

    Uses Microsoft Clarity (session replay/heatmaps) on the marketing site; Clarity's own GDPR/CCPA compliance is cited, which is the sub-processor's posture, not an independent Wisecut certification.

    wisecut.ai

    Liability limitation

    Aggregate liability capped at fees paid in the prior 12 months; indirect/consequential damages and data loss disclaimed.

    wisecut.ai

    // Products & data scope

    FreeConsumer

    data: Uploaded video/audio content, transcripts

    30 min processing/mo, 4GB file limit, projects expire after 7 days. Content is subject to the AI-training consent clause in the Customer Agreement.

    Starter / Starter+Prosumer / small team

    data: Uploaded video/audio content, transcripts, connected social accounts (Starter+ Social Hub)

    480 min/mo, 1080p, 30-day project retention. No published security/compliance differentiation from Free.

    Professional / Professional+Business

    data: Uploaded video/audio content, transcripts, connected social accounts (Professional+ multi-account Social Hub)

    1,800 min/mo, 4K, 30-day project retention. No published security/compliance differentiation from lower tiers.

    AutopilotAgentic / automation

    data: Monitored YouTube channel content, auto-generated clips, connected posting/scheduling accounts

    Autonomously pulls from a connected YouTube channel and auto-posts; broadens the data footprint (third-party platform access) beyond direct uploads. No distinct security disclosure found.

    EnterpriseEnterprise / API

    data: Custom, contact-required (API access, higher volume)

    No public page describing enterprise-specific security terms, custom DPA availability, or an AI-training opt-out; requires direct vendor contact to confirm any of this before enterprise procurement.

    // What to watch

    • No trust center, no named security certifications (SOC 2, ISO 27001, HIPAA, or AI-governance certs) found anywhere on the vendor's own domain after direct search and page fetches of privacy notice, customer agreement, acceptable use policy, business page, and pricing page.
    • Material AI-training disclosure: the Customer Agreement has customers consent to using their content to train Wisecut's AI models, with no visible opt-out and no tier-based exception, including on paid Professional/Enterprise tiers.
    • Privacy Notice's only GDPR-compliance statement is about the embedded Microsoft Clarity analytics sub-processor, not a first-party Wisecut GDPR posture statement; buyers should not read this as Wisecut itself claiming GDPR data-controller compliance.
    • Legal entity name is unconfirmed: third-party registries disagree (Crunchbase lists 'Wisecut, Inc.', Bloomberg lists 'Wisecut LLC'); the Customer Agreement references a 'Wisecut Contracting Party' defined elsewhere but that definition was not retrievable from the fetched text.
    • No Data Processing Agreement (DPA) was found publicly; enterprise/EU buyers needing a DPA should confirm availability directly with Wisecut before purchase.

    // At a glance

    Pricing model

    Freemium SaaS: Free tier + tiered monthly/annual subscriptions (Starter, Starter+, Professional, Professional+, Autopilot) by processing minutes/resolution, plus a custom-quoted Enterprise tier.

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Wisecut (Wisecut, Inc. / entity per Customer Agreement Section 14, unconfirmed)'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-07-09. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    wisecut.ai

    > Browse all vendor trust reports