The General Data Protection Regulation, or GDPR, is an impactful data privacy law update. The EU regulation significantly enhances the protection of personal data for EU citizens. Read more on GDPR Compliance in the Formstack Trust Center.
GDPR Compliance at Formstack
To meet the security compliance standards of the GDPR, Formstack has taken measures to ensure you have complete control of the information you collect, store, and manage with Formstack.
- Data Processing Addendum: A standard, pre-signed copy of our DPA is available to download directly from your profile.
- Privacy Policy Updates: We've updated our Privacy Policy to ensure you know exactly what we're doing with your data.
- International Data Transfers: We comply with the EU-U.S. Data Privacy Framework (DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework, as administered by the U.S. Department of Commerce. We rely on our active DPF certification as a valid transfer mechanism for personal data from the European Union, United Kingdom, and Switzerland to the United States, consistent with Article 45 of the GDPR.
- Incident Management: Formstack's engineers are on-call 24/7 and receive monitoring alerts regarding any incident.
- Data Accessibility: You have full control of the information you collect with Formstack. Contact us to learn more.
Maintain GDPR compliance with online forms
Learn how online forms can help you fast-track compliance by downloading our easy-to-use guide.
Additionally, Formstack provides a Standard BAA for all Formstack for Healthcare accounts/plans. Custom BAA requests are evaluated on a case-by-case basis. Request a BAA here.