Private AI Chat with Local Browser Storage
Secret Chat is a private AI chat app that gives you access to the best AI models — GPT, Claude, Gemini, and Grok — through a single secure interface. Your chats and any files you upload are stored on your own device, in the browser's local storage, instead of in a vendor's cloud account. In simple terms: text chats live in your browser's IndexedDB, and uploaded images and PDFs live in OPFS (the browser's sandboxed file system).
That combination — multi-model access plus local browser storage — is what makes Secret Chat a practical private GPT alternative and a secure AI chat option for people who want to use modern AI without building a long-term conversation history on someone else's servers. This page explains how the architecture works, what it does and does not protect against, and how it compares to standard consumer AI chatbots.
AI and the professional confidentiality conflict
For lawyers, therapists, compliance officers, and journalists, confidentiality is not a feature — it is a legal and ethical mandate. Yet artificial intelligence presents a clear confidentiality risk when used with sensitive professional data on consumer platforms: prompts you type into a public chatbot travel to a third-party server, may be stored on that server, and can be used to fine-tune future versions of the model.
Consider a concrete scenario. A lawyer pastes a draft non-disclosure agreement into a free consumer chatbot to “make the language tighter.” That contract text is now sitting on the provider’s infrastructure, potentially logged for safety review, possibly fed back into a training corpus, and reachable by anyone with privileged access to that pipeline — or by anyone who breaches it. The same pattern applies to a therapist summarizing session notes, a compliance officer testing a disclosure draft, or a journalist refining sensitive source material. Many professionals unknowingly violate confidentiality obligations every week this way, and a single data breach at the provider’s end can convert that quiet violation into a public incident.
The vague “do not train on my data” toggles offered by many consumer services are promises, not proof. In regulated environments, artificial intelligence requires verifiable privacy controls — contractual, technical, and auditable — before it can be safely used at all. That is what a private AI chatbot delivers, and it is what the rest of this guide describes.
What makes a chatbot truly private: architecture vs. settings
A truly private chatbot differs from a standard public AI tool in architecture, not in marketing copy. The distinction matters: settings can be changed, but architectures are structural commitments. A secure chatbot is built to process sensitive professional queries without data exposure to third-party servers, and that property has to be visible in how the system is wired, not just in its terms of service.
Four properties define a genuinely private AI chatbot
- Local-first storage. Messages are stored in your browser’s IndexedDB and uploaded files in OPFS. Conversation history never resides on the platform’s servers, so it cannot be retrieved, subpoenaed, or breached from a central database.
- Responses deleted at the provider wherever possible. Where the model provider supports it, the gateway sends an explicit request to delete your prompt and response after each session, and accesses every model under business API terms rather than a consumer privacy toggle.
- Identity anonymization. Registration collects an email only — no names, phone numbers, or billing identity tied to your queries. Sessions are not stitched into a behavioral profile, so your query patterns cannot be reverse-engineered into a portrait of your clients or cases.
- Verifiable evidence. Every session produces a PDF Session Privacy Report you can keep for compliance: a tangible artifact showing how the data was handled, rather than a vendor promise on a marketing page.
The contrast with a standard chatbot is sharp
| Property | Standard public chatbot | Private AI chatbot (gateway) |
|---|---|---|
| Conversation storage | Vendor cloud, tied to your account | Browser-local (IndexedDB / OPFS) |
| Model-side data handling | Policy toggle, may default to retain | Business API terms; responses deleted where possible |
| Identity linkage | Account, payment, phone, history | Email-only, no behavioral profile |
| Per-session proof | None | PDF Session Privacy Report |
How the secure gateway architecture works: API, keys, and deletion
At the technical core, Secret Chat is a secure AI gateway. Instead of you holding an account directly with OpenAI, Anthropic, Google, xAI, or any other provider, the gateway holds those accounts and exposes the models to you through a single private interface. APIs are the channel: each query you submit is routed through the gateway’s API integrations to the chosen model provider, and your identity is never exposed to that provider.
The mechanism rests on two pieces. First, API access itself provides stronger privacy guarantees than direct consumer AI tool usage, because providers offer business-grade data terms at the API layer that they do not offer in their free consumer products. Second, API keys held by the gateway authenticate model requests on behalf of all users, so the model provider sees the gateway as the caller, not you. Your queries arrive without your name, your IP, or any account-level fingerprint.
The end-to-end flow is straightforward
- You submit a prompt from your browser.
- The gateway routes it to the selected model via a managed API key.
- The model processes the prompt under business API terms, and we request deletion of the response where the provider supports it.
- The response is returned through the gateway to your browser.
- The message is stored locally in your browser storage. No conversation copy is kept server-side.
This is the difference between a privacy setting and a privacy architecture: your data is handled under business API terms and deleted wherever the provider allows it, not left to a checkbox you have to remember to tick.
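The routing step in the flow above, sketched as an added example (not Secret Chat's own code). It shows one way a gateway can build the provider-bound request from an allowlist, so that no client header, IP, or account field is forwarded. The provider URLs, model names, env-var names, and function names are all hypothetical.

```javascript
// Added example: hypothetical gateway request builder. Endpoints, model names
// and env-var names are constructed placeholders, not real provider values.
const PROVIDERS = {
  gpt:  { url: "https://provider-a.example/v1/chat", model: "model-a", keyEnv: "PROVIDER_A_KEY" },
  grok: { url: "https://provider-b.example/v1/chat", model: "model-b", keyEnv: "PROVIDER_B_KEY" },
};

// Only these client-supplied body fields are forwarded; everything else is dropped.
const BODY_ALLOWLIST = ["messages", "temperature", "max_tokens"];

function buildUpstreamRequest(clientReq, env) {
  const choice = clientReq.body.model;
  // Own-property check so names like "constructor" cannot select a provider.
  if (!Object.prototype.hasOwnProperty.call(PROVIDERS, choice)) {
    throw new Error("unknown model");
  }
  const provider = PROVIDERS[choice];
  const apiKey = env[provider.keyEnv];
  if (!apiKey) throw new Error("gateway key not configured");

  const body = { model: provider.model };
  for (const field of BODY_ALLOWLIST) {
    if (field in clientReq.body) body[field] = clientReq.body[field];
  }
  // Headers are built from scratch, never copied from the client request,
  // so cookies, user tokens, User-Agent and forwarded IPs cannot pass through.
  return {
    url: provider.url,
    method: "POST",
    headers: { authorization: `Bearer ${apiKey}`, "content-type": "application/json" },
    body: JSON.stringify(body),
  };
}

// Audit helper: lists client identifiers that appear anywhere in an outbound request.
function findLeaks(upstream, clientReq) {
  const haystack =
    (upstream.url + JSON.stringify(upstream.headers) + upstream.body).toLowerCase();
  const identifiers = [
    clientReq.ip,
    clientReq.headers.cookie,
    clientReq.headers.authorization,
    clientReq.headers["user-agent"],
    clientReq.body.user,
  ].filter(Boolean);
  return identifiers.filter((id) => haystack.includes(String(id).toLowerCase()));
}

// Constructed sample input (documentation IP range, made-up tokens).
const SAMPLE_ENV = { PROVIDER_A_KEY: "constructed-gateway-key" };
const SAMPLE_CLIENT_REQUEST = {
  ip: "203.0.113.7",
  headers: {
    cookie: "sid=constructed-session",
    authorization: "Bearer constructed-user-token",
    "user-agent": "ExampleBrowser/1.0",
    "x-forwarded-for": "203.0.113.7",
  },
  body: { model: "gpt", user: "user-4821", metadata: { plan: "pro" },
          messages: [{ role: "user", content: "Summarise this clause." }] },
};
```

The prompt text itself is still forwarded, so identifiers typed into a message reach the provider regardless of how the request envelope is built.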
Why OpenAI models are safe to use through a private gateway
A common — and reasonable — question from professionals is: “If I don’t trust ChatGPT with confidential work, why would I trust GPT through your gateway?” The answer comes down to a point most users never see: OpenAI’s consumer ChatGPT product and OpenAI’s API are governed by fundamentally different data policies.
OpenAI develops the GPT models used within Secret Chat, but when those models are accessed via the gateway’s API integration — effectively a Private ChatGPT — OpenAI is contractually bound not to retain user data, a protection that simply does not exist in a free ChatGPT account. Consumer ChatGPT may log conversations for safety review and model improvement; the API, under business terms, does not. OpenAI’s behavior therefore differs from its consumer product in a measurable, contractual way when accessed through a secure gateway.
Where additional assurance is needed, Secret Chat will also send explicit deletion requests to OpenAI and xAI (Grok) for the relevant session data, and the result of that request is recorded in the per-message PDF Session Privacy Report. You don’t have to take our word for it — the report is the verifiable evidence.
| Aspect | Consumer ChatGPT | GPT via Secret Chat gateway |
|---|---|---|
| Data handling | Logs may be retained and reviewed | Business API terms; explicit deletion request where supported |
| Training use | May be used unless you opt out | Excluded by business API terms |
| Identity exposure | Tied to your OpenAI account | Routed via the gateway’s API key; OpenAI never sees you |
| Per-session proof | None | PDF Session Privacy Report |
How we delete your responses: what it means and how to verify it
Privacy promises are easy to make and hard to prove, so it’s worth being precise about what Secret Chat actually does. After your prompt is processed and the response returned, the gateway works under business API terms and, wherever the provider supports it, sends an explicit request to delete your prompt and response. It is a concrete action taken at the API layer, not a policy statement on a website.
It helps to separate three things that often get blurred together
- A platform’s own privacy policy — describes how that platform behaves, in general, with respect to your data.
- A model provider’s consumer terms — describe what the provider may do with prompts sent to its free or consumer products.
- An explicit deletion request — a concrete action the gateway takes through its API agreement to have the provider remove your prompt and response wherever that is supported.
Verifiable deletion matters for compliance in legal, medical, and financial professional environments, where regulators do not accept “we promise we don’t look at it” as a control. The Session Privacy Report PDF is the practical evidence mechanism: each report records which model handled the request and — where the provider supports it — whether the deletion request was acknowledged. That turns an abstract guarantee into a document you can attach to a compliance file.
The guarantees differ from model to model, so it’s important not to assume a single approach applies across the board. In particular, “Provider auto-delete” means that Secret Chat sends an explicit request to the provider to delete the response wherever that is supported. The table summarizes which guarantee applies to which model.
| Model | Training opt out | Provider auto-delete |
|---|---|---|
| Claude | ✓ | |
| Gemini | ✓ | |
| GPT Image 2 | ✓ | |
| Nano Banana | ✓ | |
| Grok Imagine Pro | ✓ | |
| Grok Text | ✓ | ✓ |
| GPT Text | ✓ | ✓ |
| Qwen Image | ✓ | ✓ |
| Seedream | ✓ | ✓ |
How browser storage protects your AI conversations
Privacy at the model provider is only half of the picture. The other half is where your conversation history lives once a response comes back. In Secret Chat, the answer is: in your browser, and nowhere else.
Two browser-native storage mechanisms do the work. IndexedDB is a structured database built into every modern web browser; Secret Chat uses it to store your message history. OPFS (Origin Private File System) is a sandboxed file system inside the browser, isolated from the regular file system and from other sites; Secret Chat uses it for uploaded files. For a plain-English explanation of both, see our guide to local browser storage for AI chats: IndexedDB and OPFS explained.
Architecturally, browser-local storage is superior to cloud storage for sensitive professional data for three reasons. The data never travels to a server, so there is no server-side copy to subpoena from the platform provider. There is no central database to breach. And the conversation is only accessible from the device where you created it. The web browser, in this model, serves as the local storage environment for all chat data — establishing a hardware-level data boundary that no remote party, including Secret Chat itself, can cross.
The data flow ends at your browser: prompt leaves the browser → traverses the gateway to the model → response returns to the browser → history is written back to IndexedDB / OPFS. There is no “Secret Chat cloud archive” of your conversations, because there is no need for one.
Identity anonymization: how session anonymization prevents data trails
Anonymity in Secret Chat is achieved through email-only registration: no names, no phone numbers, no government identifiers. Sessions are not tied to a behavioral user profile, which means the platform cannot build a model of who you are by linking your query patterns over time. For a lawyer running searches that hint at a particular client, or a journalist whose queries describe an unannounced investigation, this matters: the search behavior itself can reveal as much as the search content. Session-level anonymization prevents the creation of that data trail, and is a substantive legal safeguard rather than a cosmetic one.
Professional confidentiality obligations and AI: a sector-by-sector breakdown
Confidentiality is required by law and professional ethics for lawyers, therapists, compliance officers, and journalists. The specific rules differ, but the underlying logic is identical: any tool that touches client data must meet the same data-handling standard as the rest of your stack. The table below maps the obligation, the public-AI risk, and how Secret Chat’s architecture resolves it.
| Profession | Governing rule | Risk with public AI |
|---|---|---|
| Lawyers | Attorney–client privilege; bar ethics rules | Pasting contract or case material into a consumer chatbot may waive privilege and breach duty of competence in technology use |
| Therapists | HIPAA (US), professional licensing codes | Session notes processed by a consumer LLM become protected health information stored outside any BAA |
| Compliance officers | Internal policy, regulator expectations, SOX/SOC obligations | Drafting investigation or disclosure language in a public tool leaks the existence and shape of the matter itself |
| Journalists | Source protection; editorial confidentiality | Source names, locations, or unpublished material processed by a consumer tool may be retained and exposed in a breach |

How Secret Chat resolves it: the same universal architecture, regardless of profession.
- Chat history stored locally in your browser (IndexedDB / OPFS).
- Email-only anonymized sessions with no behavioral profile.
- Business API terms that govern how each model provider handles the request.
- A per-session PDF Session Privacy Report you can keep for the file.
Accessing GPT and leading AI models privately: what professionals need to know
A secure chatbot is most useful when it does not lock you into a single model. Secret Chat enables access to the best AI models — GPT, Claude, Gemini, and Grok — through one private interface, so you don’t have to create accounts on multiple consumer platforms (each with its own privacy regime) to use the right tool for each task.
Privacy mechanism by provider
- OpenAI (GPT) and xAI (Grok). Accessed under business API terms, then followed by an explicit deletion request from Secret Chat to the provider for that session. The outcome is recorded in your PDF Session Privacy Report.
- Anthropic (Claude) and Google (Gemini). Accessed under their respective API business terms, where the provider is contractually bound not to retain or train on the gateway’s traffic.
Model selection then becomes a matter of fit. GPT-5 is the strongest default for complex legal and financial work — multi-document contract review, comparative regulatory analysis, financial modeling commentary — and GPT can be used with full privacy when accessed via the gateway, because business API terms apply at the API level and we request deletion of the response before data ever lingers on OpenAI’s consumer infrastructure. Claude is well suited to long-form drafting and nuanced editorial work. Gemini integrates strongly with structured and multimodal inputs. Grok is useful when you want a different reasoning style or current-events grounding.
Self-hosting vs. secure gateway: an honest comparison for professionals
It is worth being honest about the alternatives. Open-source software enables self-hosting of AI models as an alternative privacy approach, and for a well-resourced organization that is a perfectly reasonable choice. But open-source AI models require significant technical expertise and infrastructure to deploy securely — GPU hardware, model weights management, prompt-injection hardening, update cycles, monitoring — and that operational load does not shrink over time.
| Option | Estimated cost | Technical barrier | Privacy level | Maintenance burden |
|---|---|---|---|---|
| Self-hosting (open source) | Hardware + ops time | High | Maximum (complete data isolation) | Ongoing, in-house |
| Enterprise private deployment | Six figures and up annually | High (procurement + IT) | Very high (dedicated tenancy) | Vendor + in-house |
| Secure gateway (Secret Chat) | Usage-based, individual-friendly | None | High (responses deleted where possible + local-only history) | None on your side |
Self-hosting offers the strongest theoretical isolation; an enterprise deployment offers contractual depth at organizational scale. For an individual professional or a small team, neither is practical week-to-week. The secure gateway is the option that delivers verifiable privacy without requiring you to become an AI-infrastructure team. To dive deeper into the architectural side, see our detailed guide on Private AI Models.
Secret Chat: a private AI chat app built around local storage
Secret Chat brings together the things most consumer AI chatbots make you choose between: multiple high-quality models, minimal account data, and a chat history that stays on your device instead of in a vendor's cloud.
Minimal account, local storage
Registration uses an email only — no real name, no phone number, no profile-building. Your messages and uploaded files are stored in your browser's local storage (IndexedDB for text chats, OPFS for images and PDFs); we don't keep a server-side copy of your conversations. For a closer look at using GPT-class models this way, see our guide to Private GPT.
Multiple AI models, one private chat
Switch between GPT, Claude, Gemini, and Grok inside one private AI chat interface — the right tool for each task, without creating a separate account for each provider.
Smart, agentic models that can search the web
The main models — GPT, Claude, Gemini, and Grok — are agentic: they can work out how to handle your request on their own. By default they run in a Smart Agentic mode that decides whether to give a quick answer, search the internet, do deeper research, or create an image — and you can also choose the mode yourself. In their search and research modes they look things up online, open and read web pages, and give you links to their sources. They can also see images you share, and most can generate images too. Grok Fast and Perplexity, both available to free users, can search the internet and provide links as well. See the full lineup on our private AI models page.
Verifiable proof for peace of mind
Our Session Privacy Report is your guarantee. This PDF, available for every interaction, records the retention regime that applied to the session and — for OpenAI and Grok — the outcome of the explicit deletion request. It is the tangible evidence you need for compliance reviews and client assurance.

A clearer way to use AI privately
If you want a private AI chatbot that gives you a real choice of models and keeps your conversation history on your own device, Secret Chat is built for that single purpose. It is not a fully anonymous network and it cannot make any AI model forget what is technically impossible to forget — but it does remove the most common privacy weaknesses of consumer chat apps: cloud-stored history tied to a real identity, training on your prompts, and accounts stitched together across providers.
Start a private AI chat and keep your history where it belongs — in your browser.