Security Practices

HeadshotPro has built with best-in-class security practices to keep your work safe and secure at every layer. This includes state-of-the-art encryption, safe and reliable infrastructure partners, and independently verified security controls.

HeadshotPro is compliant with SOC 2 Type II.

SOC 2 Type II is an audit report performed by an independent third-party certified by the American Institute of Certified Public Accountants (AICPA) to evaluate a service organization's controls related to the Trust Services Criteria (TSC). The SOC 2 Type II report assesses the effectiveness of these controls over a period of time and is intended to provide assurance to customers and stakeholders that the organization has implemented adequate controls to protect their data.

Access our Trust Center here.

HeadshotPro undergoes regular third-party penetration testing to identify security weaknesses before they can be exploited by malicious actors.

All data is securely stored in the United States, with a backup failover located in the European Union to ensure high availability and reliability.

We distinguish between the photos you upload and the headshots we generate for you:

• Uploaded Photos: These are the images you upload to our platform to create your headshots. We delete these original photos immediately after the AI model has finished processing.

• Generated Headshots: These are the final professional headshots created by our AI. By default, these generated headshots remain available on the platform so you can access and download them at any time.

For our corporate and enterprise clients, we offer an optional setting that automatically deletes all generated photos after 30 days. Once this feature is enabled, all related user data is completely and permanently removed from our systems after the 30-day period.

To request any security and compliance documents for HeadshotPro, please contact us at support@headshotpro.com