Is Synthesia safe for work?
Low risk · 5Synthesia Limited · Video · facts (high-confidence)
Synthesia is low-risk for default at-work use (5/100): it does not train on your data, and holds SOC 2 Type II.
5
Low risk
Watch out: The main governance gotcha is consent provenance for AI avatars and voices. Synthesia requires documented consent for any likeness, so an at-work user must ensure they have rights to any face or voice they upload to create a custom avatar.
Data and compliance facts
- Trains on consumer-tier data
- No
- Trains on business-tier data
- No
- Training opt-out available
- N/A
- SOC 2 Type II
- Yes
- ISO 27001
- Yes
- ISO 42001 (AI management)
- Yes
- GDPR Data Processing Addendum
- Yes
- HIPAA BAA
- Unverified
- EU data residency
- Yes
- SSO / SAML
- Yes
- Data retention
- Customer data processed as a GDPR processor under the customer agreement; videos/data retained while the account is active and deleted on customer instruction/termination. Specific quantified windows governed by the agreement.
- Safer tier
- Enterprise
Why it scores 5 out of 100
- +5No HIPAA BAA. No Business Associate Agreement, so do not use it with protected health information.