Loading the catalogue…
Loading the catalogue…
Prime Intellect is a US-incorporated, venture-backed AI lab operating from San Francisco that builds open-weights models (INTELLECT-1, -2, -3) and publishes its full training stack — frameworks, datasets, and RL environments — under MIT and Apache 2.0 licences. Its incorporation and exclusive use of US-based AWS infrastructure make it fully CLOUD Act exposed, and it has no published EU AI Act compliance statement, no EU legal entity, and no DPO contact; EU regulated customers deploying its models on their own infrastructure will largely self-manage compliance obligations. No known controversies, lawsuits, or sanctions were identified.
CLOUD Act exposure confirmed and currently mislabelled in Stav catalogue. Prime Intellect is a US-incorporated entity (Delaware) processing all customer data on US AWS infrastructure. US authorities can compel disclosure of data under the CLOUD Act and FISA Section 702 without EU customer notification.
No explicit international data transfer mechanism (SCCs, adequacy, BCRs) is named in the privacy policy for EU personal data transferred to US AWS. This is a GDPR Chapter V compliance gap that EU regulated customers must address contractually before deployment.
No publicly available Data Processing Agreement (DPA) found. EU enterprises acting as data controllers who route personal data through Prime Intellect's platform are likely required to execute a DPA under GDPR Article 28 before doing so.
No EU AI Act compliance statement, GPAI Code of Practice participation, or AI Pact signatory status identified. GPAI obligations (Article 53) became applicable August 2025. Prime Intellect has not publicly acknowledged its GPAI obligations for INTELLECT-3.
No third-party security certifications (SOC 2, ISO 27001) found. Terms reference 'industry standard' security but no independent audit or certification has been publicly disclosed.
Terms of Service explicitly excludes HIPAA and FISMA compliance, restricting use in regulated US healthcare and federal government contexts. EU regulated customers should verify whether their specific use case aligns with the ToS restrictions.
Very small team (2–23 employees per multiple sources) for a company publishing frontier-scale models and operating a compute marketplace. Organisational capacity to maintain models, respond to security incidents, and support enterprise customers at scale is materially constrained.
Stav AI Act assessment
Editorial assessment, not legal advice. Stav's risk ratings, scores, and verdicts are our own analysis of publicly available information and may be incomplete or out of date. Verify independently before making compliance or procurement decisions.
Full open-source release of INTELLECT-1, -2, and -3 model weights, training frameworks (prime-rl), RL environments, datasets, and technical reports under permissive MIT and Apache 2.0 licences. This is among the most transparent model release practices in the current landscape.
Detailed public technical reports for all three INTELLECT model generations, including arXiv publication (2512.16144) for INTELLECT-3 with full training methodology, datasets, ablations, and benchmark results.
Published responsible disclosure / bug bounty programme at primeintellect.ai/security-policy, with PGP-encrypted reporting channel (security@primeintellect.ai) and a public PGP key.
Strong open-source community engagement: Environments Hub with 2,500+ community-contributed RL environments, open GitHub repositories, and a Discord community. INTELLECT-2 used permissionless global contributors — a genuine open-science approach.
Active and accelerating development trajectory: Lab platform launched May 2026, NVIDIA partnership March 2026, consistent blog output, and 24 open job listings indicate a healthy operational pace for a lab of this size.
Privacy policy explicitly acknowledges EEA, UK, and Switzerland residents and cites GDPR Article 6(1) lawful bases. A dedicated privacy contact (privacy@primeintellect.ai) is provided. Basic GDPR rights (access, erasure, portability, objection) are enumerated.
Investor base includes Andrej Karpathy, Clement Delangue (HuggingFace CEO), Emad Mostaque, and Tri Dao — prominent open-source AI researchers whose participation lends credibility to the open-science mission.
Privacy policy review
Creator profile
Commoditizing intelligence through a decentralized AI lab to advance scientific progress and human flourishing.
Stav editorial summary
Prime Intellect is a United States entity. Training data and weights produced under United States-jurisdiction are covered by the CLOUD Act.
Exposed on training. Inference is unaffected when hosted on Stav infrastructure inside the EEA.
Stav compliance has not yet scored Prime Intellect. Scores are published once the policy review and infrastructure assessment complete.
Prime Intellect, Inc. is a private software development company founded in 2023 by Johannes Hagemann and Vincent Weisser.
We are registered in Delaware, United States and have our registered office at 1111B S Governors Ave STE 7703, Dover, DE 19904.
The company’s registered corporate headquarters address is in Dover, Delaware, serving as its official legal home. However, its main operational headq...
The model, training frameworks, and environments are open-sourced under fully-permissive licenses (MIT and Apache 2.0).
Prime Intellect AI welcomes security vulnerability reports regarding our public-facing infrastructure, including our website and API endpoints at *.pr...
Published safeguards & certifications