Privacy-First Architecture

Your Legal Data
Never Touches Our Servers

A deep dive into our privacy-first architecture across all tiers. Learn how we've designed inchambers.ai so that your confidential client information stays exactly where it belongs: with you.

Core Principles

Privacy-First by Design

We built inchambers.ai with a fundamental principle: we never have access to your data or API keys, regardless of which tier you choose.

Client-Side Processing

All document analysis happens in your Microsoft Word instance. Your contracts never leave your computer.

Your Keys, Your Control

You bring your own API keys. They're stored encrypted on your computer or infrastructure, never on our servers.

No Sensitive Data Logging

We never log, store, or analyze your documents, prompts, or AI responses. We only track superficial usage metrics (DAU/MAU).

Privacy Across All Tiers

Every Tier is Private by Default

From Free to Enterprise, your data privacy is never compromised. Here's exactly how each tier protects your information.

Free Tier

70 requests per week

The free tier offers two options, both completely private:

Option 1: Use Our DeepSeek Key

  • We provide a shared DeepSeek API key
  • Your documents are sent directly to DeepSeek
  • We never see your document content
  • Rate limited to 70 requests/week

Option 2: Bring Your Own Keys

  • Use your own API keys (OpenAI, Anthropic, etc.)
  • Keys stored encrypted on your computer
  • Direct connection to AI provider from your browser
  • Same 70 requests/week limit
  • Templates stored locally + optional encrypted cloud backup

Template Storage:

Templates are stored locally in the add-in and optionally backed up to a dedicated app folder in your Google Drive or OneDrive. We use scoped access so the app can only see files it created, never your personal documents or other Drive contents. Backups are AES-256 encrypted before upload, and the encryption key is generated locally and stays on your device. Only you can decrypt your templates.

Free Tier Architecture (70 requests/week):

Option 1: Our DeepSeek Key            Option 2: Bring Your Own Keys

┌──────────────────┐                  ┌──────────────────┐
│  Your Computer   │                  │  Your Computer   │
│                  │                  │                  │
│  ┌────────────┐  │                  │  ┌────────────┐  │
│  │  MS Word   │  │                  │  │  MS Word   │  │
│  │  + Add-in  │  │                  │  │  + Add-in  │  │
│  └──────┬─────┘  │                  │  └──────┬─────┘  │
│         │        │                  │         │        │
└─────────┼────────┘                  │  ┌──────▼─────┐  │
          │                           │  │  Encrypted │  │
          ▼                           │  │  API Keys  │  │
┌──────────────────┐                  │  └──────┬─────┘  │
│  DeepSeek API    │                  └─────────┼────────┘
│  (Platform Key)  │                            │
└──────────────────┘                            ▼
          │                           ┌──────────────────┐
          │                           │   AI Provider    │
          │                           │  (OpenAI, etc.)  │
          │                           └──────────────────┘
          │                                     │
          ▼                                     ▼
┌───────────────────────────────────────────────────────┐
│                  inchambers.ai Backend                │
│              (Authentication & Billing)               │
│                                                       │
│   Tracks request count only (70/week limit).          │
│   Content is NOT stored, logged, or persisted.        │
└───────────────────────────────────────────────────────┘

Starter Tier

Unlimited requests

Personal API keys, stored encrypted on your computer. We never have access to your credentials. DeepSeek is available as a fallback if you haven't configured your keys yet.

How It Works:

  • 1. You provide your own API keys (OpenAI, Anthropic, Google, DeepSeek, etc.)
  • 2. Keys are stored encrypted on your computer
  • 3. Our add-in uses these keys to connect directly to AI providers
  • 4. Keys never leave your computer and never reach our servers
  • 5. Our backend only handles OAuth authentication (no admin consent required)
  • 6. Templates stored locally + AES-256 encrypted cloud backup to your Drive/OneDrive

DeepSeek AI is available as a fallback via our platform key if you haven't configured your own keys yet.

Template Storage:

Templates are stored locally in the add-in and automatically backed up (AES-256 encrypted) to a dedicated app folder in your Google Drive or OneDrive. Access is strictly scoped: the app can only reach files it created, not your personal documents or other Drive contents. The encryption key is auto-generated and stored only on your device. Neither InChambers nor the cloud provider can read your templates.

Starter Tier Architecture:

┌──────────────────────────────┐
│      Your Computer           │
│                              │
│  ┌────────────────────────┐  │
│  │ MS Word + Add-in       │  │
│  │                        │  │
│  │  ┌──────────────────┐  │  │      ┌─────────────┐
│  │  │  Encrypted       │  │  │─────▶│  OpenAI     │
│  │  │  Storage         │  │  │      │  Anthropic  │
│  │  └──────────────────┘  │  │◀─────│  Google     │
│  │                        │  │      │  etc.       │
│  └────────────────────────┘  │      └─────────────┘
│                              │
└──────────────────────────────┘
         │
         │ (OAuth Only - No Keys)
         ▼
┌──────────────────────────────┐
│    inchambers.ai Backend     │
│  (Authentication & Billing)  │
└──────────────────────────────┘

Note: API keys are stored encrypted on your computer and never transmitted to inchambers.ai

Professional Tier

$200/year/seat - Up to 10 team members

Team collaboration with self-managed API keys. Same privacy model as Starter, extended to your entire team. DeepSeek is available as a fallback if a member hasn't configured their keys yet.

How It Works:

  • 1. Each team member manages their own API keys
  • 2. Keys stored encrypted on individual computers (not centralized)
  • 3. Org admin creates an encrypted shared template folder in their Google Drive or OneDrive
  • 4. Templates are AES-256 encrypted with a passphrase-derived key (PBKDF2, 100K iterations) before upload
  • 5. Each member connects directly to AI providers with their own keys
  • 6. Encrypted template blobs travel browser-to-cloud-drive, never through InChambers servers

Shared Template Vault (Zero-Knowledge):

The org admin sets a Template Vault Passphrase (shared out-of-band with members). This passphrase derives an AES-256 encryption key via PBKDF2 (100K iterations). Templates are encrypted client-side before upload to a shared Google Drive or OneDrive folder. InChambers stores only the folder ID, never the passphrase, encryption key, or template content. Neither InChambers nor the cloud provider can read your shared templates.

Professional Tier Architecture:

┌─────────────────────┐          ┌─────────────────────┐
│  Member 1 Computer  │          │  Member 2 Computer  │
│                     │          │                     │
│  ┌───────────────┐  │          │  ┌───────────────┐  │
│  │ MS Word       │  │──┐    ┌──│  │ MS Word       │  │
│  │ + Add-in      │  │  │    │  │  │ + Add-in      │  │
│  │ (Own Keys)    │  │  │    │  │  │ (Own Keys)    │  │
│  └───────────────┘  │  │    │  │  └───────────────┘  │
└─────────────────────┘  │    │  └─────────────────────┘
   │              │      │    │      │              │
   │ (AI direct)  │      │    │      │ (AI direct)  │
   ▼              │      │    │      │              ▼
┌──────────┐      │      │    │      │       ┌──────────┐
│ OpenAI   │      │      │    │      │       │ OpenAI   │
│ etc.     │      │      │    │      │       │ etc.     │
└──────────┘      │      │    │      │       └──────────┘
                  │      │    │      │
                  ▼      ▼    ▼      ▼
           ┌───────────────────────────────┐
           │  Shared Drive/OneDrive Folder │
           │  (Admin's Cloud Account)      │
           │                               │
           │  ┌─────────────────────────┐  │
           │  │  .enc.json files        │  │
           │  │  (AES-256 encrypted)    │  │
           │  └─────────────────────────┘  │
           └───────────────────────────────┘
                         │
                         │ (Folder ID only)
                         ▼
           ┌───────────────────────────────┐
           │     inchambers.ai Backend     │
           │  (Auth, Billing, Folder ID)   │
           └───────────────────────────────┘

Note: Each member manages own API keys (never leave their computer).
      Shared templates are AES-256 encrypted before upload to Drive.
      InChambers stores only the folder ID, never template content.

Enterprise Tier

Custom pricing - Zero infrastructure management

The ultimate privacy solution: Cloudflare Workers deployed in your account. We never see your keys or documents, with zero servers to manage.

How Enterprise Deployment Works:

  • 1. We provide you a pre-built Cloudflare Worker with one-command deployment
  • 2. Deploy to your own Cloudflare account with your API keys as encrypted secrets
  • 3. All AI requests route through your Worker at the edge (300+ global locations)
  • 4. Built-in logging, monitoring, and DDoS protection via Cloudflare
  • 5. Zero servers to manage, automatic scaling, 70-90% cost reduction vs traditional cloud
  • 6. Firm-level template library stored securely in your own Cloudflare R2 bucket 
Enterprise Tier Architecture (Cloudflare Worker in Your Account):

┌──────────────────────────────────────────────────────┐
│          Your Cloudflare Account (Global Edge)       │
│                                                      │
│  ┌─────────────────┐    ┌──────────────────┐         │
│  │ Cloudflare      │───▶│ Workers Secrets  │         │
│  │ Worker          │    │ (Your API Keys)  │         │
│  │ (AI Gateway)    │    └──────────────────┘         │
│  └─────────────────┘                                 │
│         │                                            │
│         │                                            │
│         ▼                                            │
│  ┌──────────────────────────────┐                    │
│  │   AI Provider APIs           │                    │
│  │   (OpenAI, Anthropic, etc.)  │                    │
│  └──────────────────────────────┘                    │
│         ▲                                            │
│         │                                            │
│  ┌──────────────────────────────┐                    │
│  │   Cloudflare R2 Bucket       │                    │
│  │   (Template Library Storage) │                    │
│  └──────────────────────────────┘                    │
└─────────┼────────────────────────────────────────────┘
          │
          │ (Direct API calls)
          │
┌─────────┴────────┐
│  Your Computer   │
│                  │
│  ┌────────────┐  │
│  │  MS Word   │  │
│  │  + Add-in  │  │
│  └────────────┘  │
│                  │
└──────────────────┘
          │
          │ (License validation only)
          ▼
┌──────────────────┐
│  inchambers.ai   │
│  (License Check) │
└──────────────────┘

Note: We NEVER see your documents, API keys, AI responses, or templates.

Perfect for:

  • Law firms requiring complete data sovereignty with zero infrastructure
  • Organizations with strict compliance requirements (SOC 2, HIPAA, FedRAMP)
  • Global firms needing low-latency access worldwide (300+ edge locations)
  • Teams that want full control without managing servers
  • Firms needing private template libraries stored in their own cloud storage

Talk to us about Enterprise deployment

Authentication

OAuth Without Admin Consent

Our authentication system is designed to work seamlessly without requiring organization-wide administrator approval.

Individual Consent Only

Users authenticate with Google or Microsoft using standard OAuth 2.0. No admin approval needed, no special permissions required.

  • Works with any Google or Microsoft account
  • No IT department or admin involvement
  • Instant access after sign-up
  • No organization-wide approval required

Scoped Permissions

We request only the minimum permissions needed for authentication and encrypted template backup.

  • Basic profile only (email and name)
  • Drive/OneDrive: app-created files only
  • No access to personal docs or files
  • Used only for encrypted template backup

What We Store:

User Account Data:
  • Email address
  • Name (from OAuth profile)
  • Subscription tier and status
  • Request count (free tier limit)

Identity and billing only

Usage Analytics:
  • Active user counts (DAU/MAU)
  • Feature usage timestamps
  • Request counts per user
  • Session duration metrics

Counts and timestamps only

What We DON'T Store:
  • API keys (client-side only)
  • Document content
  • AI prompts or responses
  • Templates or encryption keys

No sensitive data on our servers

Technical Details

How It Actually Works

A technical breakdown of our privacy architecture for developers and security teams.

Encrypted Key Storage (Starter Tier)

Your API keys are stored encrypted on your computer. Here's what that means:

  • Origin-isolated: Only the inchambers.ai domain can access these keys
  • Never transmitted: Keys stay on your machine, never sent to our servers
  • Encrypted at rest: Data is encrypted using OS-level encryption
  • User-controlled: You can delete keys anytime from browser settings

Direct AI Provider Connections

When you use the add-in, your browser establishes a direct HTTPS connection to the AI provider:

// Simplified flow:
1. User triggers AI feature in Word
2. Add-in reads document content (client-side)
3. Add-in retrieves API key from encrypted storage (client-side)
4. Add-in makes HTTPS request to AI provider
5. AI response returned directly to add-in
6. Add-in updates document (client-side)
// inchambers.ai servers: Never involved

Enterprise Cloudflare Worker Architecture

A pre-built Cloudflare Worker that you deploy to your own Cloudflare account:

  • Serverless: Zero infrastructure to manage, runs at the edge globally
  • Key management: API keys stored as encrypted Workers Secrets in your account
  • Global deployment: Automatically deployed to 300+ edge locations worldwide
  • Built-in security: DDoS protection, automatic TLS, isolated execution per request
  • Cost effective: 70-90% cheaper than traditional cloud hosting

Zero-Knowledge Architecture

Our architecture keeps your data entirely on your device. Here is how each layer works:

Authentication Layer:

We only validate your identity and subscription status. No data passes through this layer.

Processing Layer:

All document processing happens client-side in the Word add-in. We never receive document content.

API Layer:

Your keys connect directly to AI providers (or through your Cloudflare Worker). We're not in the request path.

Storage Layer:

We store billing info, account metadata, and shared folder IDs. Templates are AES-256 encrypted and stored in your own cloud drive. No keys, no documents, no AI responses on our servers.

Comparison

How We Compare

Understanding the difference between our privacy-first approach and traditional SaaS AI tools.

Feature inchambers.ai Traditional AI SaaS
Document data sent to vendor
API keys stored on vendor servers
Client-side processing
Self-hosted proxy option
Works with any AI provider
Admin consent required Often
Complete data sovereignty

Ready to Experience True Privacy?

Start with our free tier today, no credit card required. Your data stays private from day one.

Get In Touch View Pricing