DirectSend for Business

Your subdomain.
Your brand.
Files that never leave the line.

A branded intake channel where the agent can credibly say: your file goes only to me, nothing rests on any server, here is the link. Zero-knowledge by architecture, not by promise.

Book a demo Try it free — no account
End-to-end encrypted in the browser Branded subdomain in 5 minutes No file ever stored, period
https:// acme .directsend.app/intake
Secure session
Hi — please drop your tax return for 2025 here when you have a moment.
Sending it now. Thanks.
1040_return_2025.pdf 4.2 MB
78% · SHA-256 verifying…
Connection
PathDIRECT
CipherAES-256-GCM
Latency22 ms
StorageNONE
Audit
Agentm.chen
Session7F1·E9C
Where your logo could be — when you onboard, your tenant slug lands here
Your bank
Your firm
Your clinic
Your agency
Your team
Your name
The trust thesis

With the global change in trust,
now is the time to own it.

For two decades the answer to every regulated workflow has been the same: upload the file to someone else's server, send a link, hope the password email arrived separately. The middleman model is now a liability — breach disclosures, subpoenas, vendor risk reviews, the long shadow of every data-processing addendum your client makes you sign.

DirectSend Business removes the middleman. The file flows directly from your colleague's browser to your client's browser, end-to-end encrypted with a key we couldn't hand over if we were ordered to — it never reaches our servers in the first place. What your client sees is your brand at your subdomain. What we see is that two browsers shook hands, and how big the handshake was.

What we don't have
  • A copy of any file your team has sent
  • Decryption keys for any session, past or future
  • The contents of any message in any room
  • A way for a court order, breach, or rogue employee to change that
Architecturally enforced. Not a policy you have to take our word for.
How it works

Three steps, no server in the middle.

The flow your agents and your clients see — and the line your auditors will appreciate.

STEP 01

Agent opens a session

On your tenant subdomain. Magic-link login, no passwords to manage. One click spins up a one-time room with a brand-new 256-bit key.
STEP 02

Send the link, any channel

SMS, email, in the middle of a call. The key lives in the URL fragment — the part of the URL browsers never send to any server, including ours.
STEP 03

Browsers shake hands

WebRTC negotiates a direct connection. Files chunk through encrypted with AES-256-GCM, verified with SHA-256 on arrival. We see a handshake, not a payload.
Agent · your subdomain
plaintext → AES-256
direct · E2EE
16 KiB chunks
Client · their browser
AES-256 → plaintext
Use cases

The same five-minute setup, for every regulated workflow.

Drop-in branded send-and-receive for the moments where a Dropbox link is the wrong answer.

Finance & wealth

KYC packets and signed engagement letters land in your CRM, not a vendor cloud. Pair each session to a client file with the audit-log handle.
wealth.directsend.app

Legal intake

Privileged document hand-off without a third-party data-processing addendum to negotiate. Sessions expire when the call ends.
intake.firm.directsend.app

Healthcare & clinics

PHI moves directly from patient to clinician browser. No PHI ever rests in a vendor system you'd have to add to your BAA inventory.
records.directsend.app

Insurance claims

Adjusters receive photo and PDF claim packets at the speed of a phone call. Mid-conversation. No app on the claimant's side.
claims.directsend.app

Government & public sector

Constituent document drop with the public-trust requirements baked in. No cloud storage to disclose, no foreign-jurisdiction worry.
requests.dept.gov.directsend.app

Tax & accounting

Season-long client document collection that doesn't require a portal account they'll forget by April. One link, then they're in.
docs.cpa.directsend.app

Customer support & call centers

Agents send a branded session link mid-call. Screenshots, ID photos, account statements move in seconds, end-to-end encrypted.
support.brand.directsend.app

Anything regulated

If you've ever asked "where did that file go after we shared it?" — DirectSend gives you an answer you can audit by design.
yourbrand.directsend.app
Live demo

Watch a session, end to end.

Left: your agent on acme.directsend.app/agent. Right: your client on the link you just sent them. Nothing between them but a direct connection.

agent
acme.directsend.app/agent
client
inbox.client.example
Demo is fully scripted — no servers are involved. The real product behaves the same.
The honest comparison

A different shape of trust than the tools you already pay for.

Every other column on this table is a tool we respect — and that we couldn't recommend for the file your client wishes they'd never had to send by email.

DirectSend Business
Dropbox / Box
WeTransfer
Email attachment
File contents reach our servers
Never
Yes (encrypted at rest)
Yes (transient cache)
Yes, plus attachments stay forever
We hold a decryption key
No key exists on our side
Yes
Yes
N/A — no encryption
Your brand on the share page
Subdomain + logo + color
Vendor brand
Vendor brand
Your domain, but exposed
Recipient needs an account
No account, ever
Often required
No
Yes (email)
Storage you must add to a BAA / DPA
None
Vendor cloud
Vendor cloud
Mail provider
Time to first branded session
~5 minutes
Days (workspace + SSO)
Minutes (but no brand)
Now (but no security)

Comparisons reflect each product's default behaviour. All three competitors offer paid enterprise tiers with stronger controls — none of which change the fundamental fact that the file passes through their infrastructure.

Security posture

Zero-knowledge
by construction.

Most secure-share products are zero-knowledge by policy: the vendor says they don't look. DirectSend is zero-knowledge by architecture: the vendor cannot look. The encryption keys exist only in two browser tabs, briefly, and only the two people who already trust each other.

AES-256-GCM SHA-256 integrity DTLS 1.2 WebRTC DataChannel Subdomain isolation Magic-link auth
// What an audit log entry looks like { agent: "m.chen@acmewealth.com", session: "7f1e9c·22-may-2026·14:08", duration: "00:04:21", bytes: 13_421_004, files: 1, path: "DIRECT", content: null // by design }
AES-256-GCM, in the browser
Files and messages are encrypted in your agent's browser before they touch the network. The key never leaves the URL fragment, which browsers never send to any server.
Direct browser-to-browser via WebRTC
DTLS-encrypted DataChannel between peers. STUN for NAT traversal; TURN relay only when networks force it — and TURN sees ciphertext, not your file.
Tenant isolation by subdomain
Each customer gets a dedicated subdomain with its own cookie scope. One tenant cannot read another's session cookies — enforced by the browser, not by us.
Metadata-only audit trail
Who sent. When. To which session. How big the transfer was. Everything an auditor needs — and not a single byte of content.
No persistent file storage
Hard rule. Our signaling server stores tenant metadata, agent identity, and one-time tokens. Room state lives in memory and disappears when the session ends.
Magic-link auth, domain-locked
Agents sign in with their work email — restricted to your allowed domain. No passwords for you to rotate, no breach blast radius for us to apologise for.
Pricing

Per-tier, not per-seat.

A flat monthly fee for a clear seat ceiling — so adding the seventh agent doesn't require finance approval. Annual billing only at launch; monthly when we get out of MVP.

Starter
$149/mo · billed annually
Up to 5 agent seats
  • yourbrand.directsend.app subdomain
  • Custom logo + color tokens
  • Magic-link agent auth, domain-locked
  • Branded recipient page
  • STUN connectivity (~80% direct)
  • Email support
Start a trial
Most popular
Team
$499/mo · billed annually
Up to 25 agent seats
  • Everything in Starter
  • TURN relay for ~99% connectivity
  • Multi-peer rooms (up to 5)
  • Metadata-only audit log export
  • Reusable session links (optional)
  • Priority signaling + email/chat support
Book a demo
Enterprise
Let's talkCustom contract
Unlimited agents
  • Everything in Team
  • 99.9% signaling SLA
  • Custom domain (vault.firm.com)
  • Dedicated TURN region
  • Tenant-controlled key rotation
  • BAA / DPA on request
Talk to sales
Need to evaluate first? Try the public version at directsend.app — no account required, same architecture, ad-supported.
Questions you'll actually ask

Straight answers.

Is the file actually never on your servers?
Correct. Files and chat messages move directly between two browsers via WebRTC DataChannel, encrypted with AES-256-GCM. Our signaling server only relays the initial offer/answer/ICE negotiation so the two browsers can find each other — once connected, the server is out of the loop. We never receive ciphertext, plaintext, or keys.
What does the audit log actually contain?
Per-session metadata only: agent identity, timestamp, session duration, total bytes, file count, connection path (DIRECT or TURN-relayed), and a session hash. No content, no file names, no message contents. We could not provide more if we tried — we never have the key.
How is this different from Dropbox or WeTransfer with encryption?
Both encrypt files at rest on their servers, but they hold the keys (or have the technical ability to). DirectSend has no servers in the data path. The encryption key is generated in the agent's browser and shared via the URL fragment — the part of the URL the browser never sends to any server.
What if my client is behind a corporate firewall?
Team and Enterprise tiers include TURN relay. The relay carries DTLS-encrypted traffic, which itself contains another layer of AES-256-GCM ciphertext — so even the relay only sees an opaque blob. Connection success goes from ~80% (direct only) to ~99%.
Can a court subpoena our session data?
They can subpoena what we have: tenant metadata, agent identities, and per-session metadata. They cannot subpoena what we don't have — session keys, file contents, or message contents — because those exist only in your two browsers, briefly.
What changes for our IT team?
Less than you'd expect. No data-processing addendum to negotiate for file contents (there is no processing). One subdomain to whitelist. One allowed-email-domain to lock down. Magic-link auth means no SSO integration is strictly required for the MVP — and it's on the Enterprise roadmap.
How fast can we go live?
Five minutes for the subdomain, twenty for branded styling and your agent invite list. The hard part — the cryptography — is already done.
Ready when you are

Own the
handshake.

A 20-minute demo with whoever from your team will own this. We'll spin up yourbrand.directsend.app live, send a real file through it, and answer the question your auditor is going to ask first.

30-second contact form

We don't collect anything else. We won't share it. We can't share what isn't there.