Protect the people who trust you with their data.
End-to-end encrypted forms built for nonprofits, legal aid, journalists and those on the front lines handling sensitive information.
When data is sensitive, trust is everything.
Standard form builders aren't built for the risks you face. Whether you're collecting:
- Incident or abuse reports
- Immigration or legal case details
- Whistleblower submissions
A single breach can put real lives at risk. Confide is built to drastically minimize that risk.
Designed to reduce the risk of:
- Data breaches
- Third-party tracking
- Unauthorized internal access
- Long-term retention of sensitive data
- Exposure of vulnerable respondents
No tool can prevent:
- Compromised devices
- Someone intentionally sharing exported data
- Misuse by authorized users
We can't read it, so we can't lose it.
Forms are encrypted on your device before they ever reach our servers. Respondents use secure links to decrypt your form and encrypt their responses. Even if we were compelled to, we couldn't access your data.
Break free from the surveillance economy.
Most platforms profit by tracking activity, profiling users, and serving ads. We believe privacy isn't a setting—it's a fundamental right. We don't track, we don't profile, and we never serve ads. Period.
Collaborate without compromise.
Manage sensitive cases as a team. Workspaces allow for seamless collaboration while maintaining full end-to-end encryption. Granular access controls and immutable audit logs ensure you always know who saw what.
True End-to-End Encryption
Keys are generated on your device and never shared with us. Only you hold the power to decrypt.
Respond Anonymously
No IP logging, no hidden tracking, and no account required for respondents. Pure privacy.
Open Source & Auditable
Licensed under AGPL. Verify our security claims yourself or host it on your own infrastructure.
Built for real-world use.
Everything your organization needs to collect sensitive information responsibly.
- Auto-Delete: Automatically purge old data to minimize exposure.
- Passkey-Only: Modern, phishing-resistant authentication.
- Audit Logs: Immutable records of all administrative actions.
- Multi-Language: Reach your community in their native tongue.
- Secure Export: Download data only when you need it locally.
Common Questions
Can Confide read my form responses?
Absolutely not. Forms and responses are encrypted on your device using keys that never leave your browser. By the time data reaches our servers, it is already unreadable ciphertext.
What happens if Confide gets hacked?
An attacker would only find encrypted data. Without your private keys, the information is useless. This "end-to-end encrypted" approach is the ultimate defense against data breaches.
Do respondents need to create an account?
No. Respondents receive a secure link that contains everything needed to decrypt your form and encrypt their response. No sign-up, no email, no tracking.
What metadata does Confide collect?
We collect only what's necessary to run the service — timestamps of form submissions and basic account information for paying customers. We do not log IP addresses of respondents, track behavior, or sell data.
Can I delete data automatically?
Yes. You can configure forms to auto-delete responses after a set period, or close a form entirely once a submission limit is reached. Reducing the data you hold reduces your risk.
Is there a free version for small groups?
Yes. We offer a generous free tier for grassroots organizations and individuals. We believe everyone should have access to secure communication tools, regardless of their budget.