Content encrypted before sync
Tasks, notes, comments, lists, and search data are protected on the client before they reach Worklist servers.
Encrypted task management
for teams handling
sensitive work.
Plan roadmaps, assign owners, discuss work, and share lists without exposing workspace content to Worklist. Tasks are encrypted on your device before sync, so our servers store ciphertext instead of readable plans.
✓ End-to-end encrypted tasks ✓ Private team sharing ✓ Browser, iOS, and self-hosted
Decrypted
Encrypted
Built for teams with client, product, legal, or regulated operational work.
Proof before promises
Documented zero-knowledge design
The security architecture explains what Worklist can and cannot see, including the key-management tradeoffs.
Read security architecture
Deployment path for sensitive teams
Use hosted cloud for fast rollout, iOS for mobile work, or a licensed Docker image for customer-operated infrastructure.
Review self-hosted
Built for real workflow
Assign owners, add due dates, discuss updates, create checklists, track recurring work, and audit changes without plaintext server access.
Your biggest competitor might be reading your roadmap right now.
Every task, every strategy, every client detail you put in traditional productivity tools is readable by someone else — platform employees, third-party integrations, even AI training pipelines.
When a breach happens (not if, but when), your entire business strategy becomes public. And switching to traditional security tools usually means killing team productivity.
There has to be a better way.
Data exposure risk.
Traditional apps store your data in plain text on their servers. When something goes wrong, all of this is exposed:
- •AI training on proprietary data
- •Support staff with read access
- •Third-party plugin vulnerabilities
- •Database leaks exposing roadmaps
End-to-end encryption with team workflow.
Worklist keeps task management familiar while encrypting workspace content before it reaches the server. Your team can plan, assign, comment, search, and share lists without giving Worklist plaintext access.
Content stays private by design.
Your work is encrypted before sync.
- •Worklist is designed so employees can't read task content
- •Workspace content is not used for AI training
- •Supports privacy reviews with documented architecture
Instant team collaboration.
Share securely in seconds.
- •Invite team members with one click
- •Granular per-list access control
- •Revoke access instantly when needed
Deployment choice.
Cloud by default, self-hosted when needed.
- •Hosted service without server maintenance
- •Licensed Docker image for customer-operated infrastructure
- •Same encryption model across deployment options
Everything your team needs.
Nothing we can read.
Every feature below is end-to-end encrypted by default. There is no setting to turn it off — encryption is the product.
Task Management
Owners, priorities, due dates, and progress.
Task Checklists
Steps for every task, trackable at a glance.
Team Collaboration
Comments, updates, and clean handoffs.
Repeating Tasks
Automate weekly and monthly routines.
Notes
Private notes, synced across devices.
Unlimited Lists
Separate projects, clients, and departments.
Audit Log
Every change logged — and unreadable to us.
Private Search
Instant results that run in your browser.
Mobile Access
Work securely from any device.
Self-hosted Option
Licensed Docker image for teams that need to run Worklist on their own hardware.
Powerful security in three simple steps.
1
Sign up and start working.
Create your account and start adding tasks immediately. Everything is automatically encrypted in your browser before leaving your device.
2
Invite your team.
Share work lists with team members using secure invitations. They get access to exactly what you share — nothing more, nothing less.
3
Collaborate with confidence.
Work together with modern client-side encryption protecting the content your team creates, discusses, and searches.
Work securely from anywhere.
Use our hosted cloud, the iOS app, or a licensed self-hosted Docker image on your own hardware. Same encryption model, different operating model.
Browser access.
Full-featured task management on any device. Encryption runs in your browser via WebCrypto — no native client required.
Start free trialiOS app.
Native app that keeps every task encrypted on-device, even when your phone is offline.
Self-hosted.
Run Worklist on your own hardware from a licensed Docker image. Self-hosted is $11.99 per seat per month with a 12-month contract minimum and 5-seat minimum.
Learn about self-hostingSecurity that satisfies your auditors.
We’ve built Worklist from the ground up to operate with zero knowledge of your data. Every primitive is documented, every assumption is auditable.
Read the full architectureEnterprise-grade protection.
End-to-End Encryption
ChaCha20-Poly1305 AEAD — the modern cipher trusted by Signal and Google.
ChaCha20-Poly1305Zero-Knowledge Architecture
We can't access your data — even if subpoenaed.
OPAQUE PAKEGDPR data-minimization support
Client-side encryption reduces the amount of readable workspace content Worklist processes.
GDPR-alignedNo content mining
Workspace content is not analyzed, sold, or used for advertising.
No content scanningIf everything goes wrong, you stay safe.
-
Even if our database is breached —
Your data remains encrypted chunks of gibberish.
-
Even if we're served a warrant —
We have no readable data to provide to authorities.
-
Even if an employee goes rogue —
They can't decrypt your information without your keys.
-
Even if you forget your password —
Your data stays protected. Recovery keys are vital.
Trusted by teams that can’t afford data leaks.
Product teams
When roadmap leakage would hurt launches, fundraising, or M&A.
Keep feature plans, launch checklists, and research notes in a workspace your team can use daily without storing readable strategy on Worklist servers.
Legal & consulting
When client work should not be readable by your SaaS vendor.
Coordinate matters, engagements, and follow-ups with client-side encryption, clear access boundaries, and audit trails for sensitive handoffs.
Healthcare & finance
When sensitive operational data needs fewer plaintext copies.
Use encryption to reduce exposed PHI, client, or account context in hosted cloud or licensed self-hosted deployments, subject to required agreements and controls.
Remote teams
When work crosses devices, vendors, and jurisdictions.
Give distributed teams shared task visibility while keeping workspace content encrypted before sync and private search running in the browser.
Transparent pricing for teams of all sizes.
Start with a free trial. Then choose the plan that fits your workflow. No hidden tiers, no per-feature paywalls.
Most popular
Personal.
Single user · all features included
$9.90 / month
or $99.00/year (billed yearly)
- → Unlimited boards & tasks
- → Free trial included
- → Email support
Team.
Per-seat · min. 2 users
$8.50 / seat / month
or $85.00/seat/year (billed yearly)
- → Everything in Personal
- → Per-seat pricing (min 2 users)
- → Priority support
- → Free trial included
Self-hosted.
Licensed Docker image for teams that need customer-operated infrastructure.
$11.99 / seat / month
12-month min, 5 seats min
or $143.88/seat/year
- → Licensed Docker image
- → Customer-operated infrastructure
- → Same zero-knowledge encryption model
Hosted plans include a free trial. Self-hosted is sold on an annual contract.
Questions, answered.
Still uncertain? Talk to a human.
Start protecting your team’s work today.
Collaborate securely with end-to-end encryption. No credit card required.