Security · Privacy

Visible to you.
Invisible to everything else.

InvisiQ doesn’t need to be trusted. Every claim on this page is verifiable, and every request leaves your machine only when you decide it should.

Watch it disappear

A side-by-side proof.

Your screen on the left. What Zoom shares with everyone else on the right.

invisiq.xyz · security-proof.mp4
The promises

Four guarantees you can audit yourself.

OS-level capture exclusion

The overlay uses Windows’ native SetWindowDisplayAffinity(WDA_EXCLUDEFROMCAPTURE), a documented privacy API in Windows 10 v2004+ and 11. The flag tells the OS to drop the window from every standard capture pipeline (Zoom, Teams, Meet, OBS, Snipping Tool, Print Screen). Not a kernel hook. Not a driver. The same primitive that Netflix uses to hide protected video.

AES-256-GCM encrypted keys

API keys are encrypted at rest with a machine-derived key (PBKDF2-SHA256, 600K iterations) and stored in an encrypted electron-store file. They never leave your device except as the body of a direct call to the AI provider you chose.

Zero telemetry, zero cloud

No analytics. No auth server. No usage logs. No update pings to us. The only outbound connections are the ones you make to OpenAI, Anthropic, Google, or your local Ollama instance. And we’re not in the middle of any of them.

Your data stays on your device

Conversations, screenshots, memory index, and settings are stored locally. Decrypted only at the moment of use. There is no InvisiQ cloud to leak from, get subpoenaed, or get breached because we never put one in front of your data.

Data flow

Where your prompt actually goes.

Three nodes, two of which are yours. We’re not on this diagram on purpose.

Common questions

Security & privacy, asked.

Yes. To every Windows app that uses the standard capture APIs. That covers Zoom, Microsoft Teams, Google Meet, Discord, OBS Studio, the Snipping Tool, and Print Screen. Kernel-level DLP software and a physical camera pointed at your screen are the only known exceptions. Use of the Service in contexts where unaided performance is contractually required (such as proctored exams or supervised assessments) is prohibited by our Acceptable Use Policy.
No. There is no InvisiQ server. Conversations, API keys, settings, and screenshots all stay on your machine. The only network requests InvisiQ makes are direct API calls to the providers you configure, and those go straight to OpenAI / Anthropic / Google over TLS 1.3.
Encrypted on your machine using AES-256-GCM, with a key derived from your hardware via PBKDF2-SHA256 (600K iterations). They’re stored in an encrypted electron-store file and decrypted in memory only at the moment of an outbound request.
Local data, including conversations, screenshots, API keys, and the memory index, stays on your machine until you delete it (Settings → Data → Erase local storage). The only account data we hold is your email and trial state; we collect no payment details during beta. Full detail in the Privacy Policy.
Try it yourself

The only way to test invisible is… to try it.

Download InvisiQ, open a Zoom meeting with yourself, share your screen, and look at the recording. The overlay isn’t there.

Start your 14-day free trial How the beta works