SOC 2 certification
Recraft has completed a SOC 2 certification, demonstrating that our systems are independently audited for security, availability, and confidentiality controls. This annual audit confirms that our infrastructure and processes meet recognized industry benchmarks.PCI DSS compliance
We never store or process payment details directly. Transactions are handled exclusively by Stripe and Google Pay, both of which hold PCI DSS Level 1 certification.GDPR alignment
Recraft aligns with GDPR requirements. As outlined in our Privacy Policy, personal data is handled in accordance with GDPR standards. Users may request that this data be permanently deleted from our systems at any time.Subprocessors
Recraft uses carefully selected third-party providers, known as subprocessors, to deliver certain parts of our service. These providers may process limited customer data on our behalf to support functions such as cloud hosting, payment processing, or analytics. All subprocessors are reviewed for their security and privacy practices before being engaged, and we maintain contracts to ensure they meet our standards for data protection. We regularly reassess these vendors to confirm ongoing compliance with industry requirements. You can view the current list of subprocessors at: recraft.ai/subprocessorsCompliance contacts
For questions about certifications or GDPR rights, users can contact our compliance team directly at compliance@recraft.ai.FAQ
Q: How do I request deletion of my personal data?A: Contact help@recraft.ai with your account email and the data will be permanently removed. Q: Does Recraft use my data to train AI models?
A: No. Generated or uploaded assets are not used to train external models.