Are your forms compliant?
Suppose that you send out a form by email, and suppose that you get back some responses, also by email.
Someone on your team collects the responses into a spreadsheet, saves the spreadsheet on the cloud, and sends a link to you.
Great, now you can start work!
Oh, wait.
Where are the data protection problems in this workflow?
- Is any personal data in those email responses sufficiently protected?
- What about the spreadsheet on the cloud... Is the datacentre inside the EU? Is it GDPR compliant?
- The respondents have a "right to be forgotten": can you remove their personal information from your inbox? From the email server? From the inbox of everyone who was copied on the email, or who had it forwarded to them?
Personally identifiable information doesn't belong in an inbox. And if you're dealing with personal data covered by GDPR or the UK's Data Protection Act, your workflow needs to support you to get this right.
Fillaform is here to help you.
- Responses are saved securely in a GDPR-compliant EU datacentre.
- Only notifications about responses are sent by email, never any Personally Identifiable Information ("PII").
- Responses can be downloaded by an automatically-generated spreadsheet, saving work and limiting the circle of people with access to PII.
- If you ever need to exercise a member of the public's "right to be forgotten", their PII is easy to locate and delete.
- With Fillaform as your experienced and ICO-registered partner, you've got support if you need help.