GhostVault logo GhostVault

End‑to‑end encrypted storage that feels invisible.

GhostVault keeps your files, notes, and records locked with keys only you control. Share selectively, audit instantly, and sleep soundly.

Create your vault See how it works

No credit card required • Zero‑knowledge by design

  • Zero‑knowledge
  • 2FA / Passkeys
  • Granular sharing
  • Audit trails
  • API access

Do more, reveal less

Client‑side encryption

Files are encrypted before they leave your device using modern, vetted algorithms. Your private keys never touch our servers.

Spaces & roles

Organize work into Spaces with role‑based access (Owner, Admin, Contributor, Viewer). Invite with time‑boxed, link‑limited sharing.

Versioning & recovery

Automatic version history and soft‑delete let you roll back mistakes. Optional geo‑redundant backups.

Activity trails

Every access, share, and edit is recorded with timestamp, device, and IP for complete visibility.

Integrations

Use the REST API or drop‑in SDK. Webhooks notify your systems of changes in real time.

Privacy by default

No trackers, no ad tech. Minimal telemetry with on/off toggles and clear data retention controls.

How it works

  1. Create a vault and generate your recovery kit.
  2. Add files, notes, and records — everything is encrypted locally.
  3. Share with expiring links, passcodes, and watermarking.
  4. Audit access with built‑in logs and alerts.

Placeholders: Hook these buttons to your app routes once ready.

Open web app View API docs
Client-side encryption flow diagram

Security & compliance

  • End‑to‑end encryption (client‑side AES‑GCM + X25519 key exchange)
  • Passkeys (WebAuthn) and TOTP 2‑factor authentication
  • Granular permissions, SSO (SAML/OIDC), SCIM user provisioning
  • Regional data residency options
  • Third‑party pen‑tests and coordinated disclosure program

Note: Replace algorithm & compliance details with your actual implementation before launch.

HIPAA‑friendly*
*Add BAA & safeguards if handling PHI.
GDPR/CCPA
Data subject tools and DPA on request.
Zero‑knowledge
We can’t see your content by design.

Simple pricing

Starter

$0/mo

  • 5 GB encrypted storage
  • 1 Space, 3 members
  • Basic sharing
Start free

Pro

$12/user/mo

  • 2 TB storage
  • Unlimited Spaces
  • Audit logs & API
Try Pro

Business

Let’s talk

  • Custom storage & SSO
  • DPA/BAA available
  • Priority support
Contact sales

Own your secrets. Start your vault.

Submitting stores your email for launch updates only. No spam.

FAQ

What does “zero‑knowledge” mean here?

Your data is encrypted locally with keys only you control. Our servers handle ciphertext and metadata necessary for sync/sharing, not plaintext contents.

Can I recover my account if I lose my key?

Yes, if you enable the recovery kit. Store it offline. Without recovery enabled, we cannot restore access.

Do you support business agreements (BAA/DPA)?

Business plan customers can request a DPA. A BAA is possible if your implementation meets HIPAA requirements. Replace this with your policy.