// Trust & Security Report

    Wolfram|Alpha LLC (a Wolfram Research, Inc. company) logo

    Wolfram|Alpha LLC (a Wolfram Research, Inc. company)

    Wolfram|Alpha computational answer engine: free consumer web tool, Wolfram|Alpha Pro (paid step-by-step subscription), Wolfram|Alpha API / Commercial API (developer integration), Wolfram Notebook Assistant + LLM Kit (AI assistant layered on Wolfram Language, remote LLM calls), and Wolfram Enterprise Private Cloud Platform (enterprise deployment).

    Certifications held

    0

    Maturity

    Growth

    Trains on your data

    No

    Trust center

    No

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    > Show 8 unconfirmed / not-held certifications
    SOC 2 (Type 1/2)
    NOT CONFIRMED

    No public evidence. No trust center, audit report, or SOC 2 mention found on wolfram.com, wolframalpha.com, or products.wolframalpha.com after checking the privacy policy, data retention addendum, general Terms of Use, API Terms of Use, and AI Access Terms of Service.

    source: wolfram.com
    ISO 27001
    NOT CONFIRMED

    No public evidence. No ISO 27001 certificate, badge, or reference found on any vendor-domain legal/security page checked.

    source: wolfram.com
    ISO/IEC 42001 (AI management systems)
    NOT CONFIRMED

    No public evidence of ISO 42001 certification despite Wolfram actively marketing AI features (Notebook Assistant, LLM Kit).

    source: wolfram.com
    CSA STAR
    NOT CONFIRMED

    No public evidence found on any vendor-domain page checked.

    source: wolfram.com
    HIPAA
    NOT CONFIRMED

    No public evidence. The Wolfram|Alpha Terms of Use explicitly disclaim suitability for medical decision-making ('not suitable for critical purposes like medical, legal, or financial decisions'), and no HIPAA/BAA language appears on any vendor page checked.

    source: wolframalpha.com
    PCI DSS
    NOT CONFIRMED

    No public evidence found; Wolfram|Alpha Pro/commercial billing is processed but no PCI attestation is published on the vendor's own domain.

    source: wolfram.com
    ISO 27017 / 27018 / 27701
    NOT CONFIRMED

    No public evidence found on any vendor-domain page checked.

    source: wolfram.com
    FedRAMP
    NOT CONFIRMED

    No public evidence found; no FedRAMP marketplace listing or vendor-domain reference identified.

    source: wolfram.com

    // Privacy & AI training

    Trains on customer data

    No

    Data processing agreement

    Not offered

    Data region

    Vendor is US-based (Wolfram Alpha LLC, Champaign, Illinois); Wolfram Research Europe Limited also exists as a UK subsidiary. No specific data-residency guarantee or EU-hosting option is documented on the vendor's own pages.

    Wolfram's AI Access Terms of Service state: 'Wolfram does not use customer Inputs or Outputs to train generalized AI models for the benefit of other customers without the customer's consent.' The Notebook Assistant + LLM Kit page separately states 'User data is not shared outside Wolfram' and that Wolfram 'will not use any of your material for marketing purposes or sell it to third parties.' No self-serve opt-out toggle is documented; consent appears to be the default gate rather than an explicit opt-out control. Some LLM processing happens on Wolfram-controlled remote servers even though part of the Notebook Assistant workflow runs locally.

    // Security controls

    Encryption in transit

    Not documented. The privacy policy only states generic 'appropriate measures... to safeguard PI' without naming TLS/encryption standards.

    wolfram.com

    Data retention

    Job input/output for compute services is 'temporarily processed' and 'purged upon completion.' The general Data Retention Policy Addendum uses indefinite language: personal data is retained 'for as long as needed, as allowed or as required by law,' with no fixed timeframe stated.

    wolfram.com

    GDPR posture

    Self-declared only: 'We collect and hold personal data... in a manner consistent with the lawful bases as outlined in... GDPR.' No specific lawful bases, SCCs, or international-transfer mechanism are enumerated. A dedicated contact (gdpr@wolfram.com) is provided.

    wolfram.com

    Vulnerability reporting

    Wolfram|Alpha's Terms of Use ask users to report security issues through feedback channels rather than publishing a formal bug-bounty or coordinated-disclosure program.

    wolframalpha.com

    Data sale / disclosure

    'We will not attempt to associate individual Wolfram|Alpha inputs with individual human users, and will not release individual or aggregated lists of inputs... to any third party, except in response to lawful court orders.'

    wolframalpha.com

    // Products & data scope

    Wolfram|Alpha (free web)Consumer computational answer engine

    data: Anonymous query text only; no account/personal data required for basic use.

    No personal information collected from free-tier users beyond the query itself, per the vendor's privacy statements.

    Wolfram|Alpha ProConsumer/prosumer subscription

    data: Adds account, billing, and uploaded-file data (e.g., image/data uploads for step-by-step solutions).

    Same privacy policy applies; no additional compliance documentation surfaced for the paid tier.

    Wolfram|Alpha API / Commercial APIDeveloper / B2B integration

    data: Application ID-scoped queries; licensee responsible for Application ID security per API Terms of Use.

    Commercial License Agreement available by supplemental written agreement for expanded quotas; no public DPA template found.

    Wolfram Notebook Assistant + LLM KitAI assistant / LLM feature inside Wolfram Language & Mathematica

    data: Notebook content and prompts; partly processed locally, partly sent to Wolfram-controlled remote LLM servers.

    On by default in Version 15; users can choose not to use it. No customer data used to train generalized AI models without consent, per vendor's AI Access Terms of Service.

    Wolfram Enterprise Private Cloud PlatformEnterprise deployment

    data: Organization-hosted deployment of Wolfram technology; scope beyond public terms not verifiable without vendor contact.

    Existence confirmed via vendor's own Terms and Conditions of Use page; no public compliance/security documentation located for this tier.

    // What to watch

    • No public trust center, SOC 2, ISO 27001, or any other third-party security certification found anywhere on wolfram.com or wolframalpha.com after checking the privacy policy, data retention addendum, general Terms of Use, API Terms of Use, and AI Access Terms of Service.
    • Wolfram Research is a large, decades-old private company with an Enterprise Private Cloud offering, yet its public security disclosure reads like an early-stage vendor's (privacy policy + terms only, no audit evidence) -- enterprise buyers should request compliance documentation directly rather than assume parity with its company size.
    • GDPR posture is self-declared ('consistent with GDPR lawful bases') with no enumerated lawful basis, no published DPA, and no mention of Standard Contractual Clauses for international transfers -- treat as an unverified compliance claim, not a certification.
    • AI-training no-training-without-consent claim is stated in the AI Access Terms of Service and the Notebook Assistant page, but no self-serve opt-out control is documented, so the practical mechanics of 'consent' are unclear.
    • Terms of Use explicitly disclaim suitability for medical/legal/financial decisions, which is directly relevant to any HIPAA-adjacent use case and should be surfaced to users considering it for sensitive workflows.

    // At a glance

    Pricing model

    Freemium: free web tool, paid Wolfram|Alpha Pro subscription, metered/commercial API licensing, and custom enterprise agreements (Enterprise Private Cloud Platform).

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Wolfram|Alpha LLC (a Wolfram Research, Inc. company)'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-07-09. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    wolfram.com

    > Browse all vendor trust reports