AI that keeps your data yours

CloakAI is like ChatGPT, but everything you say stays completely private and under your control. Ask questions, analyse documents, and think through ideas with AI — your chats are encrypted and saved in your own secure vault that only you can access. They’re never used to train AI or seen by anyone else.

Temporary encrypted session. Messages are deleted when you close this tab unless you create an account.

Get started

1

Try it instantly

Send up to 6 messages per day in an encrypted preview session. No signup, no account. Messages are encrypted in your browser.

2

Create your account

Get 7 days free to assess CloakAI. Choose a passphrase known only to you. Your conversations are re‑encrypted with a key derived from it.

3

Choose a monthly subscription

If CloakAI is right for you, add a payment method to continue. All conversations are encrypted using your passphrase. Only you hold the key. If you forget it, your data is permanently inaccessible — by design. Your subscription continues, and you can create a new private vault.

Client-Side Encryption

Your messages are encrypted in your browser with AES-256-GCM before they reach our servers. We store only encrypted blobs we cannot read.

Zero Knowledge Storage

The server stores only ciphertext. Chapman AI has no access to your encryption key and cannot decrypt your conversations at any point.

No Backdoors

Lose your passphrase, lose your data. There is no account recovery, no master key, no backdoor. This is a security guarantee, not a limitation.

Regulation-Ready

Designed with the EU AI Act, GDPR, and UK AI regulation in mind. Transparency, data minimisation, and human oversight by design. Learn more

How your data stays private

Two separate flows keep your data secure: one for AI processing, one for storage. Neither exposes your data in readable form.

When you send a messageYour BrowserYou type your message.Encrypted with AES-256-GCMusing your passphrase-derivedkey (PBKDF2, 600k iterations).Key never leaves your browser.Encryptedover TLSStateless RelayLondon, UKDecrypts for AI call only.No logs. No storage.Strips IP, user-agent, anddevice IDs from web searches.Decrypted for AIover TLSAI ServiceSweden, EUProcesses your message.Zero data retention.Not used for training.Discarded immediately.Response returnedRe-encrypted in browserWhen your conversation is savedYour BrowserEncrypts the conversationwith your key. Only encryptedblobs leave your device.You hold the only key.Encrypted blobsEncrypted blobs (you decrypt)Encrypted VaultLondon, UKStores only ciphertext.No encryption keys stored.Unreadable without passphrase.What can each party see?Chapman AI (us)Encrypted blobs we cannot read.No keys, no plaintext,no logs of your conversations.The AI providerYour message during processing only.No identity, no history, no retention.Discarded immediately.An attacker who breaches our serversEncrypted blobs with no keysto decrypt them. No plaintextdata exists to steal.

A private thinking space

CloakAI helps you work more effectively with AI while keeping your information confidential.

Draft and review documents

Work on contracts, proposals, and reports with AI assistance. Your conversations are encrypted end-to-end.

Analyse sensitive documents

Review and summarise confidential files without exposing them to third-party services.

Research and brainstorm

Explore ideas, draft responses, and think through problems in a private environment.

Prepare communications

Draft emails and messages with context from sensitive discussions without exposure risk.

What you’re really asking

“What if I accidentally paste something confidential?”

Everything you type is encrypted in your browser before it leaves your device. Even if you paste a client name, a contract clause, or a medical record — it’s encrypted with your key before it touches any server. Our servers literally cannot read it.

“What if something goes wrong and I’m asked to explain?”

There’s nothing to find. Your conversations are encrypted with a key only you hold. There are no server-side logs to subpoena, no plaintext to breach, no training data to surface in someone else’s chat. The protection is structural — built into the architecture, not a policy promise.

“My organisation says ‘don’t use AI’ — does CloakAI count?”

Most AI bans exist because tools like ChatGPT store and train on your data. CloakAI uses zero-knowledge architecture: your data is never stored in readable form and never used for training. This is the architecture compliance teams actually want — we just make it available without an enterprise contract.

Frequently Asked Questions

Common questions about privacy, encryption, and how CloakAI works.

Ready to work privately with AI?

Create your encrypted vault and start your free 7-day trial. Email required, no card needed.

Create Your Vault