Most AI assistants run on a trade. You hand over something personal, and in return for an answer, the company keeps your words. Your chats sit on a server, often with no end date. Many get used to train the next model. Some build a profile that follows you around the web. For idle questions, that's a fair deal. For the ones that matter, it isn't.
I'm Mike, the founder of Ask Safely. We built the app so you don't have to choose between an AI that's smart and one you can trust. Here's how, with the specifics rather than promises.
Why people hesitate to ask AI the real question
Most worries about AI privacy come down to five concrete things, not a vague unease:
- It trains on your chats. Your private questions help build a product millions of strangers use.
- It keeps everything. The default almost everywhere is to store your history with no end date.
- It profiles you. Your questions expose your health, your money, and your relationships, the data advertisers pay the most for.
- One breach spills years. Stored history is a target, and a single hack can leak all of it.
- Delete rarely means deleted. Even with a delete button, copies often stay with the company or its AI supplier.
These share one root. Companies keep your data because keeping it pays. Remove that incentive and most of the risk goes with it.
Privacy doesn't come from a longer privacy policy. It comes from keeping less. A chat that no longer exists can't be trained on, leaked, sold, or handed to anyone. That principle drives every choice below.
What we do about it
You set how long chats live, and the default is delete
Chats auto-delete after 8 hours by default, the setting we recommend for the most privacy. If you'd rather keep recent chats around, you can change the window to 7 days or 30 days. Either way, you set it, not us. And deletion isn't a script we hope runs on time. It's enforced by a database-level expiry, so the moment a chat hits the window you chose, the system removes it on its own.
Your chats never train AI
We don't use your conversations to train any model, ours or anyone else's. There's no setting to hunt for, because there's no training to opt out of.
The company that makes the AI never sees your chats
This is the part most people miss. Your messages don't get sent off to a public AI service. The model runs inside our own environment on Amazon Web Services, the same infrastructure banks and hospitals trust with sensitive data. The model itself is Anthropic's Claude, but it runs on AWS infrastructure that Anthropic's staff can't access, so they never receive your messages and hold no copy of them. AWS's own documentation says it plainly: "Amazon Bedrock doesn't store or log your prompts and completions." That data isn't used to train AWS's models, and it isn't shared with the model's maker.
Automated safety checks do scan traffic for clearly illegal misuse. They run by machine, with no person reading your chats, and they store nothing. I'd rather tell you that than pretend nothing happens behind the scenes.
Everything we briefly keep is encrypted to a bank-grade standard
While a chat is alive, it's encrypted at rest with AES-256-GCM, the same class of encryption that guards financial data. The keys live in AWS Key Management Service, backed by hardware security modules validated to the U.S. government's FIPS 140-2 standard, and they never leave that hardware in readable form.
An outside auditor is checking the claims
We're going through a SOC 2 Type 2 audit with Vanta, including the confidentiality criteria. That's the standard independent review of how a company handles data over time, not a one-day snapshot. So none of this rests on our word alone.
Underneath all of it sits a plain incentive. We make money when you subscribe, not when we mine or sell your data. We have no reason to hoard your history, so we don't.
How that compares
| What matters to you | Ask Safely | Typical big-name AI | Local / open-source AI |
|---|---|---|---|
| Trains on your chats | Never | Often, by default | Never |
| Default storage | Auto-deletes in 8 hours (or 7/30 days, your choice) | Stored indefinitely | On your device |
| AI maker can read them | No | Sometimes | No |
| Encryption at rest | AES-256-GCM, keys in FIPS-validated hardware | Varies | Up to you |
| AI quality | Frontier (Claude) | Frontier | Limited by your hardware |
| You control deletion | Yes, automatic | Manual, if offered | Yes |
Local and open-source tools fit if you want full control and can give up the strongest models. Big-name assistants hand you the strongest models if you'll give up privacy. Ask Safely is built so you keep both.
Why we don't lock it so even we can't read it
Some apps encrypt everything end-to-end, so even they can't read a word. For a messaging app, that's ideal. For an AI assistant, it breaks the product. If no one can read your message, the model can't either, and you lose web search, document uploads, and a memory that helps you over time. So we made a clear trade: keep little, encrypt what we keep, and delete it on your schedule.
You don't trade away a smart AI
Privacy here isn't a stripped-down AI. Ask Safely runs on Claude, among the most capable models available today, so your answers hold up against the big-name assistants people use for serious work. The protection comes from how your data is stored and deleted, not from a weaker model.
What this buys you
The point isn't the encryption or the audit. It's that you can ask the real question. The symptom you're worried about. The debt you're carrying. The thing you'd never type into a search box. Ask it, get a useful answer, and know the conversation clears itself on the schedule you set. That's what privacy is for.