Zero-Knowledge
End-to-End Encrypted Forms

Build secure forms that even we can't read. Submissions are encrypted in the browser before they ever touch a server.

AES-256-GCM • PBKDF2-SHA256 • Zero Dependencies • SSRF Protected

Built for Privacy-First Teams

Collect sensitive data without compromising on security.

End-to-End Encryption

Submissions are encrypted with AES-256-GCM in the browser. The server only stores ciphertext, never plaintext. Your passphrase never leaves your device.

Zero-Knowledge Storage

We cannot read your submissions. Even with full database access, encrypted data is useless without the passphrase only you know.

Shareable Form Links & Token Links

Every form gets a unique public URL. Paid plans unlock secure token links — one-time-use or time-limited URLs for controlled access to your forms.

Embeddable Forms

Embed forms on any website with a simple iframe snippet. Domain whitelisting and CSP headers ensure only your approved sites can host your forms.

Anti-Cheat & Bot Protection

Multi-layered spam defense: invisible honeypot fields catch autofill bots, server-side timing analysis flags unnaturally fast submissions, and JavaScript fingerprinting detects headless browsers. Each signal is scored independently — submissions below the threshold are blocked automatically. This is a strong preventative layer, not a catch-all. We are continuously improving our detection methods to stay ahead of evolving bot techniques.

Secure File Uploads

Accept files with real MIME-type detection (not just file extension), randomized storage names, PHP execution blocking, and per-tenant storage isolation with quota enforcement.

Custom SMTP

Send form notifications from your own mail server. SMTP passwords are encrypted at rest with AES-256. Full SSRF protection prevents internal network attacks.

AI Grading & Audit Logs

AI-powered submission grading with configurable rubrics and per-plan usage limits. Complete audit trail for every action — login, form edit, submission, setting change — for full compliance visibility.

Simple, Transparent Pricing

Start free. Upgrade when you need more.

Free

$0/mo

Get started with basic forms

  • 3 forms
  • 50 submissions/mo

Business

$79/mo

Unlimited everything

  • Unlimited forms
  • Unlimited submissions/mo
  • File uploads
  • E2E encryption
  • Custom SMTP
  • Custom branding
  • Anti-cheat / bot protection
  • AI graded submissions
  • 5,000 MB storage

Questions & Answers

Can you read my form submissions?
No. With E2E encryption enabled, submissions are encrypted in the browser using AES-256-GCM before data reaches any server. We store only ciphertext. Without your passphrase, nobody — including us — can decrypt submissions.
What if I lose my passphrase?
Encrypted submissions become permanently unrecoverable. This is by design — it's what makes the system truly zero-knowledge. We strongly recommend storing your passphrase in a password manager.
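
The browser-side scheme named in the two answers above (a PBKDF2-SHA256 key feeding AES-256-GCM), as an added example using the WebCrypto API; it is not E2E Forms' own code. The iteration count, salt and IV sizes, and envelope field names are assumptions, as is the encrypting side holding the passphrase, since the page does not describe how keys reach respondents.

```javascript
// Added example, not the product's code. Browsers expose globalThis.crypto;
// the require() fallback only exists so the same file runs on older Node.js.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;
const PBKDF2_ITERATIONS = 600000; // assumed work factor; the page names only PBKDF2-SHA256

const toB64 = (bytes) => btoa(String.fromCharCode(...new Uint8Array(bytes)));
const fromB64 = (text) => Uint8Array.from(atob(text), (ch) => ch.charCodeAt(0));

// Stretch the passphrase into a non-extractable 256-bit AES-GCM key.
async function deriveKey(passphrase, salt) {
  const material = await webcrypto.subtle.importKey(
    'raw', new TextEncoder().encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return webcrypto.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations: PBKDF2_ITERATIONS },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Client side: only the returned envelope (salt, IV, ciphertext+tag) goes to the server.
async function encryptSubmission(passphrase, fields) {
  const salt = webcrypto.getRandomValues(new Uint8Array(16));
  const iv = webcrypto.getRandomValues(new Uint8Array(12)); // fresh 96-bit nonce per message
  const key = await deriveKey(passphrase, salt);
  const plaintext = new TextEncoder().encode(JSON.stringify(fields));
  const ciphertext = await webcrypto.subtle.encrypt({ name: 'AES-GCM', iv }, key, plaintext);
  return { v: 1, salt: toB64(salt), iv: toB64(iv), ct: toB64(ciphertext) };
}

// Owner side: returns null when the passphrase is wrong or the envelope was
// altered, because the GCM authentication tag no longer verifies.
async function decryptSubmission(passphrase, envelope) {
  const key = await deriveKey(passphrase, fromB64(envelope.salt));
  try {
    const plaintext = await webcrypto.subtle.decrypt(
      { name: 'AES-GCM', iv: fromB64(envelope.iv) }, key, fromB64(envelope.ct));
    return JSON.parse(new TextDecoder().decode(plaintext));
  } catch {
    return null;
  }
}
```

A wrong passphrase makes `decryptSubmission` return `null`, which is the unrecoverable-by-design case described in the lost-passphrase answer.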
What happens if my payment fails?
Your account automatically falls back to the Free plan. All your forms and data remain intact, but premium features are disabled until billing is resolved. You'll see a banner in your dashboard to fix the issue.
Is E2E Forms open source?
Not at this time. While the architecture supports self-hosting, we have not open-sourced the code. This is something we may consider in the future.
How does the anti-cheat system work?
Our anti-cheat uses three independent layers: (1) an invisible honeypot field that catches bots filling every input, (2) server-side timing analysis that flags submissions made faster than humanly possible, and (3) JavaScript fingerprinting that detects headless browsers and scripts that don't execute JavaScript. Each signal is scored and weighted independently. Submissions that score below the threshold are automatically blocked. Note: this is a strong preventative measure and significantly reduces spam, but no anti-bot system is a 100% catch-all. We are continuously improving our detection methods.
What are token links?
Token links are special form URLs available on paid plans that provide controlled access. They can be set as one-time-use (link expires after a single submission) or time-limited (link expires after a set period). This is useful for surveys, invitations, or any scenario where you want to restrict who can submit.
How does AI grading work?
AI grading lets you define a rubric for your form, and each submission is automatically scored and given feedback based on your criteria. Usage is metered per plan (e.g., 5,000 or 10,000 graded submissions) because AI processing uses tokens that have real costs. You can monitor your usage in the dashboard. Plans can also be set to unlimited if needed.
Is all data encrypted at rest?
E2E-enabled submissions are encrypted before storage. SMTP passwords use AES-256-CBC. All data transfers use TLS 1.2+. Sessions use secure, HTTP-only cookies. We recommend using a VPN for additional privacy — we suggest ProtonVPN.
Do you track IP addresses?
By default, E2E Forms does not persistently log or track IP addresses of form respondents. However, if compelled by a valid court order, we may be required to enable limited logging. In such cases, affected users will be notified via email within 30 days of the request. We recommend using a VPN like ProtonVPN for additional anonymity.