Privacy-First Architecture

Your Legal Data Never Touches Our Servers

A deep dive into our privacy-first architecture across all tiers. Learn how we've designed inchambers.ai so that your confidential client information stays exactly where it belongs: with you.

Core Principles

Privacy-First by Design

We built inchambers.ai with a fundamental principle: we never have access to your data or API keys, regardless of which tier you choose.

Client-Side Processing

All document analysis happens in your browser - whether you use the web app or the Word add-in. Your contracts never leave your device.

Your Keys, Your Control

You bring your own API keys. They're stored encrypted on your computer or infrastructure, never on our servers.

No Sensitive Data Logging

We never log, store, or analyze your documents, prompts, or AI responses. We only track superficial usage metrics (DAU/MAU).

Privacy Across All Tiers

Every Tier is Private by Default

From Free to Enterprise, your data privacy is never compromised. Here's exactly how each tier protects your information.

Free Tier

Dynamic weekly request limit

The free tier offers two options, both completely private:

Option 1: Use Our DeepSeek R1 Key

  • We provide a platform-managed DeepSeek R1 API key
  • Your documents are relayed on the fly through our edge proxy — never stored or logged
  • Your data never touches our servers — processed through our edge proxy and never stored
  • Dynamic weekly request limit with burst rate protection

Option 2: Bring Your Own Keys

  • Use your own API keys (OpenAI, Anthropic, etc.)
  • Keys stored encrypted on your computer
  • Direct connection to AI provider from your browser
  • Same dynamic weekly request limit
  • Templates stored locally + optional encrypted cloud backup

Template Storage:

Templates are stored locally on your device and optionally backed up to a dedicated app folder in your Google Drive or OneDrive. We use scoped access so the app can only see files it created, never your personal documents or other Drive contents. Backups are AES-256 encrypted before upload, and the encryption key is generated locally and stays on your device. Only you can decrypt your templates.

Free Tier Architecture (Dynamic weekly limit):

Option 1: Platform DeepSeek R1 Key    Option 2: Bring Your Own Keys
(via Edge Proxy)

┌──────────────────┐                  ┌──────────────────┐
│  Your Computer   │                  │  Your Computer   │
│                  │                  │                  │
│  ┌────────────┐  │                  │  ┌────────────┐  │
│  │ InChambers │  │                  │  │ InChambers │  │
│  │(Web/Word)  │  │                  │  │(Web/Word)  │  │
│  └──────┬─────┘  │                  │  └──────┬─────┘  │
│         │        │                  │         │        │
└─────────┼────────┘                  │  ┌──────▼─────┐  │
          │ JWT token                 │  │  Encrypted │  │
          ▼                           │  │  API Keys  │  │
┌──────────────────┐                  │  └──────┬─────┘  │
│ Edge Proxy       │                  └─────────┼────────┘
│ (Serverless)     │                            │
│                  │                            ▼
│ • Your files are │                  ┌──────────────────┐
│   never stored   │                  │   AI Provider    │
│ • Relayed on the │                  │  (OpenAI, etc.)  │
│   fly & discarded│                  └──────────────────┘
└────────┬─────────┘                            │
         │                                      │
         ▼                                      ▼
┌──────────────────┐              ┌────────────────────────┐
│  DeepSeek R1 API │              │  inchambers.ai Backend │
│  (Key from edge  │              │  (Auth & Billing)      │
│   secret only)   │              └────────────────────────┘
└──────────────────┘

Note: Your documents NEVER touch inchambers.ai servers.
Content is relayed through the edge proxy on the fly —
never stored, never logged, never persisted anywhere.

Starter Tier

Unlimited requests

Personal API keys, stored encrypted on your computer with optional PIN protection. We never have access to your credentials. Your documents are processed entirely on your device and sent directly to the AI provider — they never pass through inchambers.ai servers. DeepSeek R1 is available as a fallback via our edge proxy if you haven't configured your keys yet.

How It Works:

  1. You provide your own API keys (OpenAI, Anthropic, Google, DeepSeek, etc.)
  2. Keys are stored encrypted on your computer
  3. InChambers uses these keys to connect directly to AI providers: your documents go straight to the provider, never through our servers
  4. Keys never leave your computer and never reach our servers
  5. Our backend only handles OAuth authentication (no admin consent required)
  6. Templates stored locally + AES-256 encrypted cloud backup to your Drive/OneDrive

DeepSeek R1 is available as a fallback via our edge proxy if you haven't configured your own keys yet. Your document content is relayed on the fly and immediately discarded — nothing is stored or logged.

Template Storage:

Templates are stored locally on your device and automatically backed up (AES-256 encrypted) to a dedicated app folder in your Google Drive or OneDrive. Access is strictly scoped: the app can only reach files it created, not your personal documents or other Drive contents. The encryption key is auto-generated and stored only on your device. Neither InChambers nor the cloud provider can read your templates.

Starter Tier Architecture:

┌──────────────────────────────┐
│      Your Computer           │
│                              │
│  ┌────────────────────────┐  │
│  │ InChambers (Web/Word)  │  │
│  │                        │  │
│  │  ┌──────────────────┐  │  │      ┌─────────────┐
│  │  │  Encrypted       │  │  │─────▶│  OpenAI     │
│  │  │  Storage         │  │  │      │  Anthropic  │
│  │  └──────────────────┘  │  │◀─────│  Google     │
│  │                        │  │      │  etc.       │
│  └────────────────────────┘  │      └─────────────┘
│                              │
└──────────────────────────────┘
         │
         │ (OAuth Only - No Keys)
         ▼
┌──────────────────────────────┐
│    inchambers.ai Backend     │
│  (Authentication & Billing)  │
└──────────────────────────────┘

Note: Your documents never leave your computer — they go directly to the AI provider.
      API keys are stored encrypted locally and never transmitted to inchambers.ai.

Professional Tier

$200/year/seat - Up to 10 team members

Team collaboration with self-managed API keys and optional PIN protection. Same privacy model as Starter, extended to your entire team. Each member's documents are processed locally and sent directly to AI providers — never through inchambers.ai servers. Org admins can optionally connect Microsoft Azure AI Foundry or Google Vertex AI for centralized model access across the team.

How It Works:

  1. Each team member manages their own API keys
  2. Keys stored encrypted on individual computers (not centralized)
  3. Org admin creates an encrypted shared template folder in their Google Drive or OneDrive
  4. Templates are AES-256 encrypted with a passphrase-derived key (PBKDF2, 100K iterations) before upload
  5. Each member connects directly to AI providers with their own keys
  6. Encrypted template blobs travel browser-to-cloud-drive, never through InChambers servers

Shared Template Vault (Zero-Knowledge):

The org admin sets a Template Vault Passphrase (shared out-of-band with members). This passphrase derives an AES-256 encryption key via PBKDF2 (100K iterations). Templates are encrypted client-side before upload to a shared Google Drive or OneDrive folder. InChambers stores only the folder ID, never the passphrase, encryption key, or template content. Neither InChambers nor the cloud provider can read your shared templates.

Professional Tier Architecture:

┌─────────────────────┐          ┌─────────────────────┐
│  Member 1 Computer  │          │  Member 2 Computer  │
│                     │          │                     │
│  ┌───────────────┐  │          │  ┌───────────────┐  │
│  │ InChambers    │  │──┐    ┌──│  │ InChambers    │  │
│  │ (Web/Word)    │  │  │    │  │  │ (Web/Word)    │  │
│  │ (Own Keys)    │  │  │    │  │  │ (Own Keys)    │  │
│  └───────────────┘  │  │    │  │  └───────────────┘  │
└─────────────────────┘  │    │  └─────────────────────┘
   │              │      │    │      │              │
   │ (AI direct)  │      │    │      │ (AI direct)  │
   ▼              │      │    │      │              ▼
┌──────────┐      │      │    │      │       ┌──────────┐
│ OpenAI   │      │      │    │      │       │ OpenAI   │
│ etc.     │      │      │    │      │       │ etc.     │
└──────────┘      │      │    │      │       └──────────┘
                  │      │    │      │
                  ▼      ▼    ▼      ▼
           ┌───────────────────────────────┐
           │  Shared Drive/OneDrive Folder │
           │  (Admin's Cloud Account)      │
           │                               │
           │  ┌─────────────────────────┐  │
           │  │  .enc.json files        │  │
           │  │  (AES-256 encrypted)    │  │
           │  └─────────────────────────┘  │
           └───────────────────────────────┘
                         │
                         │ (Folder ID only)
                         ▼
           ┌───────────────────────────────┐
           │     inchambers.ai Backend     │
           │  (Auth, Billing, Folder ID)   │
           └───────────────────────────────┘

Note: Each member's documents never leave their computer — sent directly to AI providers.
      API keys are managed individually and never leave each member's device.
      Shared templates are AES-256 encrypted before upload to Drive.

Enterprise Tier

Custom pricing - Managed AI Platform

The ultimate privacy solution: connect your Microsoft Azure AI Foundry or Google Vertex AI deployment. API keys live in your cloud account, centralized for your entire organization. We never see your keys or documents.

How Enterprise AI Platform Works:

  1. Connect your Microsoft Azure AI Foundry or Google Vertex AI deployment endpoint
  2. API keys stay in your cloud account, never shared with inchambers.ai
  3. Access 8+ AI models (GPT-5.2, Claude, Gemini, DeepSeek, Mistral, Cohere) through a single endpoint
  4. Built-in logging, monitoring, and compliance via Azure or Google Cloud
  5. Org admin controls which models are available to team members
  6. Optional CORS proxy for browser-based access with automatic key injection

Enterprise Tier Architecture (Microsoft Azure AI Foundry / Google Vertex AI):

┌──────────────────────────────────────────────────────┐
│    Your Azure / Google Cloud Account                 │
│                                                      │
│  ┌──────────────────┐    ┌──────────────────┐        │
│  │ Azure AI Foundry │───▶│ Your API Keys    │        │
│  │  or Vertex AI    │    │ (Managed by you) │        │
│  │  (AI Gateway)    │    └──────────────────┘        │
│  └──────────────────┘                                │
│         │                                            │
│         ▼                                            │
│  ┌──────────────────────────────┐                    │
│  │   AI Models (8+ providers)   │                    │
│  │   GPT-5.2, Claude, Gemini,   │                    │
│  │   DeepSeek, Mistral, Cohere  │                    │
│  └──────────────────────────────┘                    │
│                                                      │
│  ┌──────────────────────────────┐  (optional)        │
│  │   CORS Proxy                 │                    │
│  │   (Injects API key for web)  │                    │
│  └──────────────────────────────┘                    │
└─────────┼────────────────────────────────────────────┘
          │
          │ (API calls via your platform)
          │
┌─────────┴────────┐
│  Your Computer   │
│                  │
│  ┌────────────┐  │
│  │ InChambers │  │
│  │(Web/Word)  │  │
│  └────────────┘  │
│                  │
└──────────────────┘
          │
          │ (License validation only)
          ▼
┌──────────────────┐
│  inchambers.ai   │
│  (License Check) │
└──────────────────┘

Note: We NEVER see your documents, API keys, or AI responses.

Perfect for:

  • Law firms requiring complete data sovereignty via their own cloud account
  • Organizations with strict compliance requirements (SOC 2, HIPAA, FedRAMP)
  • Teams already using Azure or Google Cloud who want centralized AI access
  • Firms that need org-wide model governance and usage monitoring
  • Organizations with existing enterprise cloud agreements and volume discounts

Authentication

OAuth Without Admin Consent

Our authentication system is designed to work seamlessly without requiring organization-wide administrator approval.

Individual Consent Only

Users authenticate with Google or Microsoft using standard OAuth 2.0. No admin approval needed, no special permissions required.

  • Works with any Google or Microsoft account
  • No IT department or admin involvement
  • Instant access after sign-up
  • No organization-wide approval required

Scoped Permissions

We request only the minimum permissions needed for authentication and encrypted template backup.

  • Basic profile only (email and name)
  • Drive/OneDrive: app-created files only
  • No access to personal docs or files
  • Used only for encrypted template backup

What We Store:

User Account Data:
  • Email address
  • Name (from OAuth profile)
  • Subscription tier and status
  • Request count (free tier limit)

Identity and billing only

Usage Analytics:
  • Active user counts (DAU/MAU)
  • Feature usage timestamps
  • Request counts per user
  • Session duration metrics

Counts and timestamps only

What We DON'T Store:
  • API keys (client-side only)
  • Document content
  • AI prompts or responses
  • Templates or encryption keys

No sensitive data on our servers

Technical Details

How It Actually Works

A technical breakdown of our privacy architecture for developers and security teams.

Encrypted Key Storage (Starter Tier)

Your API keys are stored encrypted on your computer. Here's what that means:

  • Origin-isolated: Only the inchambers.ai domain can access these keys
  • Never transmitted: Keys stay on your machine, never sent to our servers
  • Encrypted at rest: Data is encrypted using OS-level encryption
  • User-controlled: You can delete keys anytime from browser settings

Optional PIN Protection

Add an extra layer of security to your locally stored API keys with an optional numeric PIN:

  • PIN-derived encryption: Your PIN derives an AES-256 wrapping key via PBKDF2 (100,000 iterations) that encrypts your stored API keys
  • User-scoped: Each user in a shared browser has their own independent PIN lock
  • Auto-lock: Configurable inactivity timeout (5 minutes to 2 hours, or never). Decryption key cleared from memory on lock
  • XSS-resistant: An attacker who injects script into the page cannot decrypt your API keys without knowing your PIN
  • Recovery: Email verification code or full reset (deletes stored keys). PIN is never stored in plaintext or transmitted to our servers
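
The PIN wrapping described above and the Shared Template Vault earlier on this page rest on the same construction: PBKDF2 at 100,000 iterations feeding an AES-256 key. The Web Crypto sketch below is an added example, not InChambers code; the function names, AES-GCM mode, SHA-256 as the PBKDF2 hash, salt and IV sizes, and the stored record layout are all assumptions.

```javascript
// Added example, not InChambers code. AES-GCM, SHA-256, the salt and IV sizes
// and the stored record layout are assumptions; the page states only PBKDF2
// with 100,000 iterations and AES-256.
const webcrypto = globalThis.crypto ?? require("node:crypto").webcrypto;
const { subtle } = webcrypto;
const ITERATIONS = 100000; // iteration count given on the page
const enc = new TextEncoder();
const dec = new TextDecoder();
const toHex = (bytes) => Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
const fromHex = (hex) => Uint8Array.from(hex.match(/../g), (pair) => parseInt(pair, 16));

// PIN or vault passphrase -> non-extractable AES-256 key.
async function deriveKey(secret, salt) {
  const material = await subtle.importKey("raw", enc.encode(secret), "PBKDF2", false, ["deriveKey"]);
  return subtle.deriveKey(
    { name: "PBKDF2", hash: "SHA-256", salt, iterations: ITERATIONS },
    material,
    { name: "AES-GCM", length: 256 },
    false, // page script can use the key but cannot export its bytes
    ["encrypt", "decrypt"]
  );
}

// Encrypt an API key or template; fresh salt and IV on every call.
async function seal(secret, plaintext) {
  const salt = webcrypto.getRandomValues(new Uint8Array(16));
  const iv = webcrypto.getRandomValues(new Uint8Array(12));
  const key = await deriveKey(secret, salt);
  const ct = await subtle.encrypt({ name: "AES-GCM", iv }, key, enc.encode(plaintext));
  return { v: 1, salt: toHex(salt), iv: toHex(iv), ct: toHex(new Uint8Array(ct)) };
}

// Returns the plaintext, or null when the GCM tag does not verify
// (wrong PIN/passphrase, or a record modified in storage).
async function unseal(secret, record) {
  const key = await deriveKey(secret, fromHex(record.salt));
  try {
    const pt = await subtle.decrypt({ name: "AES-GCM", iv: fromHex(record.iv) }, key, fromHex(record.ct));
    return dec.decode(pt);
  } catch {
    return null;
  }
}

// Sizing check for a numeric PIN: seconds to try every candidate offline
// at a given derivation rate. The PIN length bounds the protection.
function worstCaseSearchSeconds(digits, derivationsPerSecond) {
  return 10 ** digits / derivationsPerSecond;
}
```

A six-digit PIN has one million candidates, so the iteration count slows an offline search of a copied record but does not substitute for a longer secret. The same reasoning applies to the length of the vault passphrase.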

Edge Proxy (Free & Starter Tiers)

When using our platform-managed DeepSeek R1 key (free tier default, or Starter fallback), your request is routed through a serverless edge proxy — not through inchambers.ai servers. Your documents are relayed on the fly and immediately discarded:

  • Key stays server-side: The DeepSeek R1 API key is stored as an encrypted secret, injected server-side, never sent to your browser
  • Zero storage: Document content is relayed through the proxy on the fly — never persisted, never logged, immediately discarded
  • Serverless execution: Processed on serverless infrastructure for low latency
  • Rate protection: Burst rate limiting (10 requests/minute) plus backend weekly quota enforcement
  • Error sanitization: API keys are never exposed in error messages. All errors are sanitized before reaching your browser

Privacy claim: "Your documents never touch inchambers.ai servers — not even temporarily. The edge proxy relays content on the fly and discards it immediately." Once you add your own API keys, requests bypass the edge proxy entirely and go directly to the AI provider.
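
Three of the edge proxy properties listed above (burst rate limiting, server-side key injection, error sanitization) can be expressed as small pure functions. This is an added example, not InChambers code; the function names, the forwarded-header allowlist, the Bearer scheme and the status mapping are assumptions, and only the 10 requests/minute figure comes from the page.

```javascript
// Added example, not InChambers code. Function names, header names and the
// status mapping are assumptions; only 10 requests/minute is from the page.
const BURST_LIMIT = 10;
const WINDOW_MS = 60_000;

// Sliding-window limiter keyed by the user id taken from the verified JWT.
// In-memory state is per instance; a serverless deployment needs a shared store.
function makeLimiter(limit = BURST_LIMIT, windowMs = WINDOW_MS) {
  const hits = new Map(); // userId -> request timestamps still inside the window
  return function allow(userId, now = Date.now()) {
    const recent = (hits.get(userId) ?? []).filter((t) => now - t < windowMs);
    const ok = recent.length < limit;
    if (ok) recent.push(now);
    hits.set(userId, recent);
    return ok;
  };
}

// Allowlist: the browser's JWT, cookies and every other header stay at the
// proxy. The platform key held as a server-side secret is attached last.
const FORWARDED_HEADERS = new Set(["content-type", "accept"]);
function buildUpstreamHeaders(clientHeaders, platformKey) {
  const out = {};
  for (const [name, value] of Object.entries(clientHeaders)) {
    const lower = name.toLowerCase();
    if (FORWARDED_HEADERS.has(lower)) out[lower] = value;
  }
  out.authorization = `Bearer ${platformKey}`;
  return out;
}

// Success bodies pass through untouched. Error bodies are never forwarded:
// the reply is built from the status code alone, so nothing the provider
// echoes back (request headers, key fragments) can reach the browser.
function relayResponse(upstream) {
  if (upstream.status >= 200 && upstream.status < 300) {
    return { status: upstream.status, body: upstream.body };
  }
  if (upstream.status === 429) {
    return { status: 429, body: JSON.stringify({ error: "Rate limit reached" }) };
  }
  if (upstream.status === 401 || upstream.status === 403 || upstream.status >= 500) {
    // A rejected platform key is the proxy's problem, not the user's login.
    return { status: 502, body: JSON.stringify({ error: "AI provider unavailable" }) };
  }
  return { status: 400, body: JSON.stringify({ error: "Request rejected by AI provider" }) };
}
```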

Direct AI Provider Connections

When you use inchambers.ai, your browser establishes a direct HTTPS connection to the AI provider:

// Simplified flow:
1. User triggers AI feature
2. App reads document content (client-side)
3. App retrieves API key from encrypted storage (client-side)
4. App makes HTTPS request to AI provider
5. AI response returned directly to app
6. App updates document (client-side)
// inchambers.ai servers: Never involved

Enterprise AI Platform (Microsoft Azure AI Foundry / Google Vertex AI)

Connect your organization's Microsoft Azure AI Foundry or Google Vertex AI deployment for centralized, governed AI access:

  • Your cloud, your keys: API keys stay in your Azure or Google Cloud account — never shared with us
  • Multi-model access: GPT-5.2, Claude, Gemini, DeepSeek, Mistral, and Cohere through a single platform endpoint
  • Model governance: Org admin controls which models are available to team members
  • Enterprise compliance: Built-in logging, audit trails, and compliance via Azure or Google Cloud
  • CORS proxy: Optional proxy (Azure Function / Cloud Function) injects the platform API key for browser-based access

Zero-Knowledge Architecture

Our architecture keeps your data entirely on your device. Here is how each layer works:

Authentication Layer:

We only validate your identity and subscription status. No data passes through this layer.

Processing Layer:

All document processing happens client-side in your browser. Your documents never touch our servers.

API Layer:

Your keys connect directly to AI providers (BYOK), through our edge proxy (Free & Starter tiers, content relayed on the fly and immediately discarded), or through your organization's Microsoft Azure AI Foundry / Google Vertex AI platform (Professional/Enterprise). We're never in the request path for BYOK or platform users.

Storage Layer:

We store billing info, account metadata, and shared folder IDs. Templates are AES-256 encrypted and stored in your own cloud drive. No keys, no documents, no AI responses on our servers.

Comparison

How We Compare

Understanding the difference between our privacy-first approach and traditional SaaS AI tools.

Feature inchambers.ai Traditional AI SaaS
Document data sent to vendor
API keys stored on vendor servers
Client-side processing
Self-hosted proxy option
Works with any AI provider
Admin consent required Often
Complete data sovereignty

Ready to Experience True Privacy?

Start with our free tier today, no credit card required. Your data stays private from day one.