GDPR Compliant Forms

GDPR stands for General Data Protection Regulation and it is a regulation in the European Union that aims to protect the privacy and personal data of EU citizens. It is important because it gives individuals more control over their personal data and requires companies to be transparent about how they collect, use, and store that data. Failure to comply with GDPR can result in significant fines and damage to a company’s reputation.

Before we dive deeper into how 123FormBuilder handles GDPR compliance, please keep in mind that GDPR compliance responsibility falls on you, the customer, us, the form builder, and your form respondents as well.

All entities involved in data collection are affected by GDPR: consumers, businesses, SaaS companies, and everyone in between.

The definition of data collection is pretty broad in GDPR terms, so if you think you’re not collecting data, make sure to triple-check because chances are that you are somehow collecting information from the users landing on your site. Just to give you an idea of how broad “data collection” is as a term, some examples of personal information include but are not limited to:

• Names
• Identification numbers
• Location data
• Email addresses
• Home addresses
• Phone number
• Any kind of personal data about your customers, employees, stakeholders, collaborators, and so on
• Cookie information collected via browsers and other online identifiers

The first step in building GDPR-compliant forms is to identify the data you need to collect. This means taking a close look at your business processes and determining what information is necessary for you to provide your services or products.

It’s essential to only collect data that is relevant and necessary, as collecting too much data can put you at risk for non-compliance. Once you have identified the data you need to collect, you can move on to the next step of building your forms with GDPR compliance in mind.

123Form Builder has taken all necessary steps to make sure our forms are GDPR-compliant.

To ensure that your forms are GDPR compliant, it’s important to obtain explicit consent from users. This means that you need to clearly explain what data you will be collecting, how it will be used, and who it will be shared with. You should also provide users with the option to withdraw their consent at any time.

To obtain explicit consent, include a checkbox or other mechanism on your forms that requires users to actively opt-in to providing their information. This will help ensure that you are collecting data in a transparent and ethical manner, and will help protect your users’ privacy.

By following these guidelines, you can build GDPR compliant forms that are both effective and ethical.

We are a GDPR compliant form builder because we are doing everything on our end to ensure the protection of the personal data flowing through our forms.

For example, we have set up:

• Procedures on how we control access to our network
• Procedures on how we maintain the security of our network
• We have implemented new features and processes to assure our compliance with the requirements.
• We have identified our obligations and our customers’ obligations and we have documented everything so that it is easier for our customers to comply with the GDPR requirements.
• All 123FormBuilder employees have been trained to uphold data protection standards. Moreover, we repeat these training sessions periodically.

GDPR compliance steps vary based on company specifics such as business scope, product type, information collection methods, and other factors.

However, what we advise our customers to do is:

• Analyze your business processes, systems, the ways you process personal data, and check if they meet the GDPR requirements. If they don’t meet the GDPR requirements, make a plan to address the issues.
• Review your obligations as a Data Controller on our platform.
• Sign our Data Processing Addendum, as described and provided in the following section of this page.
• Create your forms in 123FormBuilder, making sure they follow GDPR regulations and some of the best GDPR form best practices, including:
• Allowing users to correct, update, or ask for the deletion of their personal data.
• Enable the “Edit Submission” feature on your forms.
• Send a copy of the completed form to the sender (using the 123FormBuilder Notifications system).

• Make sure you are familiar with the “right to be forgotten” law. Users have the right to ask you to delete their personal information, and you should make it very clear to them how exactly they can do that. This information should be included in the Privacy Policy statement (as described in the third bullet point below.
• Use multiple-choice fields to ask for the explicit consent of the form submitter for you to use their data (which means, collecting the data, storing it, and processing it).
• Explain why you are collecting personal information.
• Add a link to your terms of service to list all your Privacy Policy points, as well as other legal details. Do not use the default choice option, as the checkbox needs to be ticked by the user (to show their explicit consent in you processing their data).
• Enable the Reference ID feature on your forms to make sure you can efficiently track your users’ submissions.

For more information on how to ensure GDPR compliance on your 123FormBuilder forms, kindly check out our Knowledge Base piece on this or contact us at gdpr@123formbuilder.com. We’re here to help you stay on the legal side of GDPR.

The Data Processing Addendum is a necessary step to ensuring GDPR compliance on your forms. Please download our DPAs (US Server / EU Server)  if your business is established in the European Union (EU) or subjected to GDPR

Review, countersign and return the DPA document to gdpr@123formbuilder.com. Starting with the day you sign and send us the DPA, it will become part of your 123FormBuilder subscription documents.

Our entire platform is GDPR-compliant. If you want to reinforce data protection for the forms you create on 123FormBuilder, however, do not hesitate to sign up on our EU platform.

Also, it is important to note that our servers are hosted on Amazon AWS and you can choose to locate your servers exclusively in the EU (or exclusively in the US) to ensure absolute GDPR compliance by not allowing your customers’ data to get outside of the EU.

In addition to putting in place systems and procedures that ensure GDPR compliance, we also come forward with a series of templates that can be easily adapted to GDPR regulations.

Whether you are looking for a GDPR-compliant contact form or a GDPR compliant event registration form, our templates can be adapted to GDPR legislation as per the steps described earlier on this page (under GDPR compliant event registration form).

We have more than 2000 form templates you can use and adapt to GDPR, including:

• Contact Form Templates
• Event Registration Form Templates
• Order Form Templates
• Online Survey Templates

…And more.

Integrate Salesforce seamlessly with GDPR compliant forms to ensure data privacy and legal compliance throughout your sales and marketing processes.

123FormBuilder offers more than 45 native integrations with popular tools used by marketers, project managers, developers, and Human Resource professionals. That means your data can automatically flow from 123FormBuilder forms directly into your favorite tools, including (but not limited to):

• Salesforce
• Google Drive
• Evernote
• Dropbox
• Mailchimp
• WordPress
• Wix
• AWeber

We take data security very seriously. We’re not only GDPR compliant on all grounds, but we are also:

• HIPAA compliant
• ISO 9001 certified
• ISO 27001 certified

We periodically perform internal security audits and double-lock our data and our customers’ data by taking all cautionary measures to ensure leaks, breaches, and system failures are averted. Because we genuinely care about data privacy and we have made it an integral part of our entire business model.