// Trust & Security Report

    AGYL AI, Inc. (formerly Writerly Technology, Inc.; product operated as "Writerly") logo

    AGYL AI, Inc. (formerly Writerly Technology, Inc.; product operated as "Writerly")

    Writerly is a no-code generative AI content/productivity platform (Business Cloud for teams/enterprise, Creator Cloud for individuals/small teams, Writerly Go Chrome extension, Creator AI Chat). It sits under the AGYL AI, Inc. parent umbrella alongside a separate e-commerce product, EKOM, which is not covered by this assessment.

    Certifications held

    0

    Maturity

    Growth

    Trains on your data

    Unknown

    Trust center

    No

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    > Show 8 unconfirmed / not-held certifications
    SOC 2 (Type 1/2)
    NOT CONFIRMED

    no public evidence - no trust center, no SOC 2 mention on homepage, pricing page, privacy policy, or terms of service

    source: writerly.ai
    ISO 27001
    NOT CONFIRMED

    no public evidence - not referenced anywhere on writerly.ai

    source: writerly.ai
    ISO/IEC 42001 (AI management system)
    NOT CONFIRMED

    no public evidence - not referenced anywhere on writerly.ai

    source: writerly.ai
    CSA STAR / CSA STAR AI
    NOT CONFIRMED

    no public evidence - not referenced anywhere on writerly.ai

    source: writerly.ai
    HIPAA
    NOT CONFIRMED

    no public evidence - no BAA offering or HIPAA language found on writerly.ai; searches for "Writerly AI HIPAA" return results for the unrelated company WRITER (writer.com), not this vendor

    source: writerly.ai
    PCI DSS
    NOT CONFIRMED

    no public evidence; payment processing is delegated to Stripe as a subprocessor, so any PCI scope is Stripe's, not Writerly's

    source: writerly.ai
    GDPR (posture, not a certification)
    NOT CONFIRMED

    "We acknowledge your rights under Article 7(3) of the GDPR..." - policy describes user rights (access, correction, erasure) but there is no DPA, SCC, or EU representative documentation published, and no formal GDPR compliance attestation

    source: writerly.ai
    FedRAMP
    NOT CONFIRMED

    no public evidence; product is a consumer/SMB-to-enterprise SaaS tool with no government-authorization claims found

    source: writerly.ai

    // Privacy & AI training

    Trains on customer data

    Not stated

    Data processing agreement

    Not offered

    Data region

    United States primary; policy states data "may be stored, processed, and accessed... in the United States or elsewhere," no data-residency guarantee or region selection offered

    The Terms of Service grant Writerly a broad license to "use, host, aggregate, commercially exploit, display, store, copy, distribute, publish, perform, and modify or create derivative works" from user-submitted content, with no opt-out mechanism disclosed. This is a content-usage license, not an explicit statement that Writerly trains its own AI models on customer data. Generation itself is powered by OpenAI as a named subprocessor, so customer prompts/outputs likely flow through OpenAI's API (which per OpenAI's standard API terms does not train on API customer data by default) - but Writerly's own site does not state this explicitly, and the broad content-exploitation clause in its own ToS is unresolved and worth flagging to a buyer.

    // Security controls

    Encryption in transit/at rest

    Not specified. Privacy policy contains only a generic disclaimer: "we cannot guarantee the security of your Personal Information transmitted to or through our Services." No encryption standard, key management, or infrastructure detail is published.

    writerly.ai

    Subprocessors / infrastructure

    Privacy policy names Google LLC and Amazon (cloud hosting), Stripe (payments), OpenAI (AI content generation), plus HubSpot, Slack, Stagebase, Stonly, Tidio, SendGrid, Webflow for other functions.

    writerly.ai

    Trust center / independent audit disclosure

    None found. No Vanta/Drata badge, no published SOC 2 report request process, no security whitepaper.

    writerly.ai

    Liability posture

    Terms of Service cap Writerly's liability at $100 and disclaim indirect/consequential damages; mandatory binding arbitration with class-action waiver.

    writerly.ai

    Marketing claim: "Data Privacy & Security"

    Pricing page lists "Data Privacy & Security" as a bullet-point feature on every paid tier, but this is unsubstantiated marketing copy - no certification, control, or specification backs the claim anywhere on the site.

    writerly.ai

    // Products & data scope

    Writerly Business Cloud (Nimbus / Stratos / Cirrus / Enterprise tiers)Team/enterprise generative AI content platform

    data: Team content, brand assets, department templates, API access at Enterprise tier

    Highest-tier plan adds a dedicated account manager and API access, but no additional compliance documentation is surfaced for enterprise buyers.

    Writerly Creator CloudIndividual/small-team AI writing workspace

    data: Individual user content and account data

    Same privacy policy and terms apply as Business Cloud; no separate consumer-grade privacy terms.

    Writerly Go (Chrome extension)Browser extension for in-context AI writing

    data: Content typed/edited on third-party websites and apps the extension is used in

    Broadest data-exposure surface of the product family; no extension-specific privacy disclosure found beyond the general privacy policy.

    Creator AI ChatConversational AI assistant with memory

    data: Chat history retained for memory/personalization features

    No retention period or deletion-of-memory controls documented publicly.

    EKOME-commerce/retail technology (separate AGYL AI product line)

    data: Out of scope for this assessment

    Distinct product under the same AGYL AI parent; do not apply Writerly's cert findings to EKOM or vice versa.

    // What to watch

    • IDENTITY RISK (resolved but worth flagging): 'Writerly' (writerly.ai, AGYL AI Inc.) must not be confused with the unrelated company WRITER (writer.com), which holds SOC 2 Type II, ISO 27001/27701/42001, and HIPAA certifications. Search engines and AI search summaries frequently surface WRITER's certifications when queried about 'Writerly' - none of those certifications belong to this vendor.
    • No trust center, no SOC 2/ISO/HIPAA/PCI evidence found anywhere on the vendor's own domain despite claiming 'over one million' users and offering an Enterprise tier with a dedicated account manager - a compliance gap for a vendor at this scale.
    • Pricing page lists 'Data Privacy & Security' as a bare feature bullet on every tier with no substantiation - classic unsubstantiated marketing claim, not a verifiable control.
    • Terms of Service grant Writerly broad rights to exploit and create derivative works from user content with no stated opt-out, and this is not reconciled anywhere with a clear 'we do/don't train on your data' statement - a contradiction risk for enterprise buyers who need a clean answer.
    • No DPA (Data Processing Agreement) template or Standard Contractual Clauses found published for EU customers despite acknowledging GDPR Article 7(3) rights.

    // At a glance

    Pricing model

    Tiered monthly/annual subscription ($69-$219/mo published tiers) plus a custom-quote Enterprise plan

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on AGYL AI, Inc. (formerly Writerly Technology, Inc.; product operated as "Writerly")'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-07-09. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    writerly.ai

    > Browse all vendor trust reports