Encrypted Form Builder

Create forms the same way you would in any modern builder—except every response is encrypted before it reaches our servers.

An encrypted form builder should mean more than HTTPS. Cyphorm derives a 4096-bit RSA keypair in your browser. Respondents’ answers are encrypted to your public key; only your private key can decrypt. We never see that private key.

What our database stores

The same ciphertext-only row structure backs every tier, including Free.

① What the respondent sees

Job Application
🔒 End-to-End Encrypted by Cyphorm™

Before the data leaves the browser, JavaScript encrypts it using the form owner's public key. The plaintext never touches the network.

② What Cyphorm™'s database stores

-- encrypted_responses table
encrypted_payload:
7GpLmX3kR9wQzN1vBs8TdYeKfJhCnOuA4iW6xP2yVqEaImZ0bHlcDgRtMFsUjp+kL9XnQ3YwCzA1vBe8TdKfJhOpNm7GsLrX4iW2xPqEaZ0bHlcVgRtM...
encrypted_key:
X9mKpL3rQzN7vBs1TdYeGfJhCnOuA4iW6xP2yVqEaImZ0bHlcDg...
iv:
aBcDeFgHiJkL==
submitted_at:
2026-03-22 15:04:12

This is the literal content of the database row. There is no name, no email, no cover letter — only ciphertext that is mathematically meaningless without the private key.

③ Why we can't read it — ever

Your password
Stored as a one-way bcrypt hash. We cannot reverse it. Even if we wanted to, we don't know what you typed.
Your private key
Never sent to our servers. It lives only in your browser's storage, wrapped with a key derived from your password.
The encrypted data
Decryptable only with the private key, which only you have. A court order against us yields nothing readable.
The chain of custody
Password → derives key → unlocks private key → decrypts data. We are not in this chain at any step.

This isn't a privacy policy promise. It's a mathematical guarantee enforced by your browser.

Related

Try Cyphorm Free