Skip to main content

🛡️ How to create a GDPR compliant form

This page is not intended as legal advice. Please consult with your legal advisor to determine how GDPR applies to your business.

At FormNX, our commitment is to safeguard the privacy of our customers and form respondents. We have taken the necessary measures to ensure GDPR compliance and have compiled frequently asked questions about FormNX & GDPR on this page. Take a moment to review and familiarize yourself with your rights and responsibilities as a form creator.

Creating a GDPR compliant form

There are several considerations when collecting personal information (such as name, email, phone, etc.) with your form.

  • Obtaining consent from your respondents is a crucial requirement for GDPR compliance.

  • The consent obtained must be freely given, specific, informed, and unambiguous.

  • It is important to clearly communicate why you are collecting personal information, how you intend to use it, and whether it will be shared with third parties.

  • Respondents cannot be forced into giving consent, and they must always be aware that they are granting permission to use their data.

FormNX-How-to-create-a-GDPR-compliant-form.png

  • Add a "GDPR Compliance" field to your form to collect opt-in consent from your respondent. The checkbox can not be pre-checked. Make sure to provide link or details text of your company terms & privacy policy along with your company name.

  • Add a checkbox field to your form to collect opt-in consent from your respondent. The checkbox can not be pre-checked. Make sure to add multiple checkboxes (with explanation), if you're planning to use the personal data for multiple actions.

  • Add a text block to explain how you are going to use the information your respondents share with you and link to your privacy policy to give more information about how you're handling their data.

Data control and retention as per GDPR

Respondents have the right to access their personal data or to request it to be removed. Inform them. Provide them with a way to do so, this can be as simple as sharing an email address that respondents can send their request to.

You can delete or export every single individual survey response from your account if a respondent asks you to do so. We honour all deletions from an account, and all account data which has been deleted by you is permanently deleted from our back-ups within 90 days.