Vyond’s Trust Center

For more than a decade, Vyond has built enterprise-grade solutions following the product development principle known as “Security By Design.” Vyond is ISO 27001:2022 certified across all locations and products, and offers service to government agencies under the rigorous and continuous monitoring requirements of the U.S. federal government’s FedRAMP program. Vyond achieved its first FedRAMP authorization in June of 2025, which can be seen here. 

Key security features  include brute force login defense and robust protection from DDOS (Distributed Denial of Service) attacks; configurable inactivity logout, IP whitelisting, password policies, and server-side cache settings;  seamless integration with customer Single Sign-On solutions, including IdP and SP authentication under SAML 2.0, Oauth solutions using Google or Microsoft Office 365, and SCIM provisioning (learn more). With these safeguards, Vyond’s Secure Suite enables enterprises to create and collaborate confidently within a secure video creation platform.

No. Generated video scripts based on prompt inputs are stored in short term memory, but once a script is generated, the prompt input is automatically deleted, and is never logged or stored beyond that.

No. We don’t use any data provided by end users as input for the creation, development, training, or improvement of AI components of the product, and we don’t partner with AI model creators who don’t make the same commitment.

Vyond follows industry best practices under AI governance frameworks, such as the EU AI Act and ISO 42001, for providing transparency and guidance when outputs are created using inputs processed by generative AI features. This includes in-app text at the point of engagement that warns end users not to use the intellectual property of another as an input for an AI prompt. Vyond also requires the “human-in-the-loop” design principle be strictly followed. By doing so, enterprises are protected from automated means of processing inputs without human oversight.

To create a custom avatar based on your likeness, Vyond requires explicit consent to comply with data protection regulations. Users must record and submit a separate video of themselves reading a specific consent statement. This gives Vyond permission to use audio and video samples to create and share a digital avatar. A custom avatar request cannot be processed if the consent statement is missing or doesn’t meet Vyond’s standards. If a custom avatar is created, but no longer desired, the creator of the avatar can contact Vyond’s support team to have it permanently deleted from Vyond’s platform.

Vyond collects two types of Personal Data. The first is business contact information, such as name and email address. The second is data that end users optionally choose to upload into the Vyond platform that also qualifies as Personal Data. Learn more. 

Yes. SAML 2.0-based SSO is supported with both Identity Provider and Service Provider options.

Not directly, but through the use of SSO.

Yes. All Enterprise subscription plans come with contractual SLAs.

Yes. See our list of subprocessors here.

Vyond uses Amazon Web Services (AWS) and the primary hosting facility is the US East 1 Zone in Northern Virginia. The secondary facility is AWS’ US West 1 Zone in Portland, Oregon.

No. Vyond relies on AWS for infrastructure security and reviews the AWS SOC 2 Type II annually as part of ISO 27001 controls.

Yes, data is encrypted using TLS 1.2.

Yes, data is encrypted using AES-256 encryption.

Yes.

Yes, annually.

This is the responsibility of our cloud host. For more info please see Amazon’s data center policy