Browser-native security for email & web

Protect sensitive text before it leaves the browser

Veil is a browser extension and team platform for securing secrets in Outlook, Gmail, and everyday web apps. Replace API keys, credentials, and PII with [redacted] or team tokens — encrypted locally, sent as normal mail.

Set up your team Join a team Install extension Pricing

Built for regulated teams

Veil detects 20+ sensitive data types while you type or paste — then maps them to frameworks your auditors already ask about.

Financial

Credit cards, IBANs (including while typing), SWIFT/BIC, routing numbers, tax/VAT IDs, bank accounts.

Healthcare

MRNs, NHS numbers, SSNs, dates of birth, passports — with HIPAA-oriented policy pack.

Secrets & identity

API keys, JWTs, passwords, emails, phones, national IDs, driver licences, internal ticket refs.

Apply a policy pack in admin — Finance, Healthcare, GDPR/EU, Engineering, or observational rollout. Copilot shows the regulation context (e.g. GDPR, PCI DSS) before you send.

Set up team + policy pack See pricing

Secure in the compose window

Highlight or paste a secret. Veil replaces it with [redacted] inline. Teammates with the extension click to unlock in the thread.

Team tokens for email

Share [veil:vt_…] placeholders across Outlook and Gmail. Org members reveal with one click — ciphertext stays in your Veil cloud, never plaintext.

Veil copilot

On paste and while typing, Veil flags sensitive data and offers Secure, Mask, or Tokenize — with clear reasons before you send.

Recipients without the extension

Personal and one-time messages include a hosted unlock page. Recipients open the link, enter the passphrase you shared separately, and read the secret in their browser — no install required.

Team tokens and in-thread unlock require the Veil extension for org members.

Just for you?

Install Veil for personal email and forms. Your passphrase stays in this browser; no admin or join code needed.

Use Veil personally

How teams get started

Admin creates a team and receives a join code and admin sign-in key.
Members install Veil and join with work email.
Everyone secures secrets in mail and web apps; admins apply a policy pack and review metadata-only activity.

IT can deploy the extension and team passphrase via Chrome or Edge policy — members skip manual setup. Team cloud is free during early access.

Security & privacy

Encryption runs in the browser (AES-GCM + PBKDF2). Plaintext is not sent to Goldspire for secure or tokenize actions.
Veil’s cloud API stores org membership, token ciphertext, and security event metadata — not passphrases or message content.
Admins can forward events to a SIEM webhook; exports contain categories and counts, not matched text.