Is Secrets AI Safe? Privacy, Payments, and Security Explained
The safety question for an AI companion platform like Secrets AI breaks into several distinct components: corporate legitimacy, payment security, data handling, content safety, and known risk areas. Each deserves a separate answer rather than a blanket "yes" or "no." This page addresses all of them with the specifics available, including where the platform's transparency falls short.
Is Secrets AI a Legitimate Platform?
Secrets AI is developed and operated by Secret Labs Inc., incorporated in Dover, Delaware, United States. US incorporation establishes a verifiable legal entity — the company operates under US jurisdiction and is subject to US law. The platform launched in 2024 and had crossed 100,000 registered users by November 2025.
External review scores support legitimacy: Trustpilot shows 4.2/5 (6 reviews, all five-star — though the small sample size means limited statistical confidence), and companionguide.ai rates the platform 9.6/10 across 116 reviews. No documented reports of fraud, data breaches, or unauthorized charges appear in research for this analysis.
One important disambiguation for anyone who searched and is uncertain: "Secret AI" at secretai.io is a completely different product — an offline, privacy-focused AI assistant with Google Play and iOS listings. It has zero connection to Secrets AI (secrets.ai). Confusing the two in safety research would lead to incorrect conclusions about either platform.
Privacy and Encryption
Private Mode
Private Mode applies end-to-end encryption on a per-conversation basis. When enabled, that conversation's content is protected from external access and is also excluded from being used to train the AI model. This is a meaningful feature — it gives users control over both access and data utility.
The practical limitation is important to understand: Private Mode is not a global setting. It must be enabled for each new conversation individually. If you start a conversation without enabling it, that conversation does not retroactively gain protection. The opt-in-per-conversation design means users need to actively remember to enable it each time.
Data Storage
Secrets AI applies industry-standard encryption to data both in transit (using HTTPS) and at rest on their servers. The platform's stated policy is that no data is shared with third parties. Account deletion requests are processed within 30 days and result in permanent removal of all chat history, generated content, and character data.
Transparency Concerns
The privacy rating on aigirlfriendscout is 2.9/5 — the platform's lowest-rated dimension. The criticism is specific: there are "zero details" available on the exact encryption protocols used, no information on data retention timelines beyond the deletion window, and claims of independent security audits exist but are not publicly verifiable.
This is a meaningful gap for users with high privacy requirements. The platform's privacy implementation may be perfectly sound technically, but without published audit results or protocol documentation, there is no way to verify it independently. Users for whom this level of assurance matters should factor the 2.9/5 transparency rating into their decision.
Payment Security
Accepted Methods
Secrets AI accepts Visa, Mastercard, virtual debit cards, and cryptocurrency (minimum $20 transaction). American Express is not accepted. Payment processing uses third-party payment providers — Secrets AI does not store card data directly on its own servers.
Billing Discretion
This is one of Secrets AI's strongest practical privacy features. All charges appear on bank and credit card statements as "Sun Clinical Laboratories" — nothing in the descriptor references AI services, companions, or adult content. For users who share bank statements with partners or family, or who use corporate cards with visible statements, this billing approach provides real discretion.
Cryptocurrency is available as a maximum-privacy payment option, creating no linkage between payment identity and account identity when combined with an anonymous email address for signup.
Account Privacy
Secrets AI supports anonymous account creation in a meaningful sense:
- Email and password are the only signup requirements
- No real name is collected
- No phone number is required
- No social media login (Google, Apple, Facebook) is used or offered
- Sessions persist in the browser without device-specific tracking
The absence of social login is relevant: platforms that offer Google or Apple login create a data linkage between your AI companion account and your primary identity account. Secrets AI avoids this entirely. Signup can be completed with a privacy-focused email address (such as a ProtonMail address) in under 60 seconds.
For the billing privacy implications of payment method choice, the pricing page covers the crypto option in more detail.
Content Safety
Secrets AI's content policy explicitly permits NSFW interactions. The platform is designed for adult romantic and intimate AI companion use. The content approach is user-directed: conversations begin at a PG-13 level of suggestiveness and escalate based on explicit user direction, rather than the AI pushing explicit content unprompted.
The platform does not maintain explicit content filters of the kind that Character.AI uses. Users who want filtered or family-safe interactions should choose a platform with strict content controls. For users who want adult content available, the absence of those filters is the design intent.
No reports of non-consensual content generation or illegal content generation appear in research for this analysis. AI-generated content on the platform is limited to the companion characters available — it does not generate content involving real people.
How Secrets AI Compares on Safety
| Dimension | Secrets AI | Candy AI | CrushOn AI | Character.AI |
|---|---|---|---|---|
| Encryption | Yes (Private Mode, per conversation) | Yes | Yes | Yes |
| Anonymous signup | Yes | Partial | Partial | No |
| Billing privacy | "Sun Clinical Laboratories" | Varies | Varies | Standard |
| Content policy | Uncensored (user-directed) | Uncensored | Zero filter | SFW strict |
| App permissions | Browser only (no app permissions) | Browser | Browser | App (device permissions) |
| US jurisdiction | Yes (Delaware) | Yes | Yes | Yes |
Secrets AI's strongest comparative safety features are its anonymous signup path and billing descriptor. Its weakest comparative position is privacy documentation transparency — where competitors with more detailed published policies score better.
Known Risks and Concerns
Honest safety analysis requires stating the real risks:
- Spending controls: The Moments system has no built-in spending cap or alert system. Heavy media use can deplete a monthly allocation faster than expected, and additional Moments purchases accumulate without a configurable limit. There are no documented parental controls.
- Age verification: The platform's age verification process is not publicly detailed. The terms of service restrict use to adults, but the enforcement mechanism is not disclosed.
- Refund policy: Refund policy details are not publicly available. Charge disputes would go through the payment provider (Visa/Mastercard dispute processes or equivalent).
- US jurisdiction data risk: Data stored on US servers is theoretically subject to valid US legal process (subpoenas, court orders). This is standard for any US-based platform and not specific to Secrets AI, but worth noting for users with elevated privacy requirements.
- Unverified audit claims: Claims of independent security audits exist in platform documentation but are not publicly verifiable. Users relying on these claims for security assurance are taking the platform's word without independent confirmation.
None of these risks are unique to Secrets AI, and none represent active documented harms. They are structural gaps in transparency and control that informed users should be aware of before signing up.
FAQ
With Private Mode enabled on a given conversation, that conversation is end-to-end encrypted and excluded from AI training data access. Without Private Mode, conversations are stored on Secrets AI servers with standard encryption. Platform employees could theoretically access unencrypted conversations through administrative access, though no such access events have been publicly reported. Private Mode is the strongest protection the platform offers, but must be enabled per conversation.
No. All charges appear as "Sun Clinical Laboratories" — no reference to Secrets AI, AI services, or adult content appears in the billing descriptor. This applies to credit card, debit card, and virtual card transactions. Cryptocurrency payments leave no reference in bank statements at all, as they go through blockchain transaction rather than traditional payment networks.
Yes. Account deletion requests result in permanent removal of all chat history, characters, generated content, and account data within 30 days. The deletion is described as permanent and irreversible — there is no recovery process after deletion is completed.
Secrets AI's stated policy is that no user data is shared with third parties. The platform does not disclose a list of partners or data purchasers. As with any stated policy, verification is only possible through published audits or regulatory disclosures, neither of which are currently publicly available for this platform. For the full review context on where this fits in the overall platform assessment, see the main review page.