Forms that don't spy.

Client-side encryption, automatic PII detection, zero tracking. Your users' data is protected before it ever leaves their browser.

Traditional forms vs VeilForms

Traditional Form Builders

  • Receive your data in plaintext
  • Store data on their servers (they have the keys)
  • Can read, leak, or be compelled to share
  • Track users across sites
  • Sell analytics data to third parties

VeilForms

  • Data encrypted in user's browser
  • We only store ciphertext (you have the keys)
  • We cannot read or share your data
  • Zero user tracking or fingerprinting
  • Your data stays yours, always

How it works

Client-side encryption in 5 steps

User fills form

Data exists only in their browser

PII detected

Emails, phones, SSNs identified

Data encrypted

RSA + AES encryption locally

Ciphertext sent

We receive encrypted blob

You decrypt

Using your private key

Everything you need for privacy-first forms

Client-Side Encryption

RSA-2048 + AES-256 encryption happens in the browser before data is transmitted. We never see plaintext.

Smart

Automatic PII Detection

Detect emails, phones, SSNs, credit cards, and more. Optionally strip PII before encryption for extra compliance.

Anonymous IDs

Cryptographic submission IDs with zero link to user identity. No tracking, no fingerprinting, no cookies.

You Own Your Keys

Private keys never leave your device. We literally cannot decrypt your data even if we wanted to.

Developer SDK

Simple JavaScript SDK. Just add data-veilform to any form. Works with React, Vue, vanilla JS.

Webhooks

Real-time notifications when forms are submitted. Decrypt on your server for custom workflows.

Analytics Dashboard

Form views, completion rates, error tracking. All without tracking individual users.

Form Builder

Drag-and-drop form builder with integrity checks. No code required.

GDPR Ready

Built for compliance. PII minimization, data portability, right to erasure all built in.

See it in action

Type in the form and watch the encryption happen in real-time

Contact Form Demo

Encrypted Output LIVE

{
  "encrypted": true,
  "version": "vf-e1",
  "data": "Enter data to see encryption...",
  "key": "...",
  "iv": "..."
}

This is what we receive and store. We cannot decrypt it.

8KB

SDK size (gzipped)

2048

RSA key bits

256

AES encryption bits

0

Data we can read