Military grade end-to-end encrypted forms.
Encrypted forms and responses are stored fully encrypted on our servers. Only you will be able to decrypt it. We take this very seriously.
All responses to your form are encrypted with military-grade encryption that only the key holder can decrypt.
Not even system administrators can see your responses. It gives you full confidence, that only you are the person who can access the data.
Upon creation of your element form, you’ll be asked for an encryption key that will be used to safely encrypt the responses of your form.
All data sent through your form is automatically encrypted in the browser. The decryption process takes place on your computer only.
You will be the only person in possession of the key and the key is the only means to unlock the data.
Information sent to your form is valuable. Protecting this information is in your interest. The best way to do it is to have a simple system in place. This simple system should host your data, but, it should not have access to it. You should be the only person who has access to your data.
What exactly is a zero-knowledge principle?
This is quite simple to explain. The system of zero-knowledge relies on one simple fact. That a party can’t access your data, even if they wanted to. Traditional systems store your data as it is. In a plain readable format.
Non-zero-knowledge system, store your data in an encrypted format. This is also known as zero-knowledge encryption. Your data gets saved with encryption at rest. This means, only you have access to it. Whenever you need it.
PGP is the gold standard of encryption.
All of your encrypted forms use OpenPGP encryption. The system uses keys that are 4096-bit strong.
Forms are encrypted on the client-side before the responses are sent to our servers. This means nobody can see what is inside. If you’re the eligible key holder of the decryption key, you’ll be able to decrypt the responses.
Strong encryption comes with responsibilities. If you lose your key, none of your data can be retrieved. There are no backdoors, no backup keys, no nothing.
The fact that military-grade encryption is used, has the side effect that it is very secure and can’t be decrypted without the correct key, even if anybody wanted to. If the key is gone, the data can’t be decrypted anymore.
Rest assured, as long as you keep your decryption key safe like your regular password, you’ll always be able to retrieve your data.
Are my forms insecure without this feature?
No, all form data is transferred over encrypted channels in any case. You would use this feature if you have very sensitive data. Client data, Medical data, patient data, and similar data that is protected under HIPAA or CCPA.
It serves as an extra layer of protection.