How to make sure your forms are GDPR compliant

If your business is located in the EU or you process the personal data of individuals in the European Union, the GDPR applies to you. According to the GDPR, consent has to be freely given, unambiguous, and informed. Also, there are big penalties when this regulation is not followed.

When a company has servers within the European Union, they have to be GDPR compliant, according to the law. forms.app’s servers are located in Belgium, and it is fully compliant with the GDPR framework. You can see more detail on this on forms.app’s GDPR page. Therefore, all the data that has been given to the forms.app will be protected and will not be shared with anyone without explicit permission. 

What is GDPR?

The GDPR stands for EU General Data Protection Regulation, and it protects the personal information of individuals and gives EU citizens the right to decide what happens to their personal data. So, it is a privacy law that makes it necessary to obtain explicit consent before collecting or storing user data.

In 2016, eIDAS (EU regulation on electronic identification and trust services) was fully adopted and were directly applicable in all EU Member States. Any electronic signature signed under eIDAS is a legally binding act and is recognized by the European Union courts.

The definition of GDPR

Do your forms need to be compliant with GDPR?

Basically, the goal of this regulation is to strengthen the privacy rights of EU citizens. So, when your business is based in the EU or has servers within an EU country, the law affects you. Therefore, if you collect data from individuals living in the EU, the answer is yes. 

According to this regulation, every person whose personal data is collected and used should be informed. Only after you collect informed consent from them can you use their data. For more information, you can also check out the EU’s complete guidance on GDPR compliance.

How to create GDPR-compliant forms and surveys

There are different ways you can create GDPR-compliant forms and surveys; however, having an easy-to-use form builder will really ease your way. forms.app is a very helpful form builder that is free to use and super helpful You can add appropriate form fields and mind some details to excel in making these forms and surveys with the help of it. Now, let us go through the steps on how to make a form GDPR-compliant.

1  - Go to forms.app and log in to your account. If you do not have an account, it takes seconds to create one.

Log into forms.app

* * *

2  - If you know what kind of form or survey you want to create, go to the templates page. 

Browse through templates

* * *

3  - You can either choose the template you want to go with and edit it as much as you want, or you can start from scratch.

Choose a template

* * *

4  - Edit the theme, questions, and fields according to your wishes.

Edit the theme, questions, and fields

* * *

5  - Most importantly, add the terms & conditions section, and inform the people that you are going to collect their information.

Inform people and ask for their consent

* * *

6  - You can also add your company’s privacy policy. And get their explicit consent.

Add a separate field to show your privacy policy

* * *

7  - You can go to ‘the settings’ and add necessary sections such as conditions, calculation, and custom messages. People should be able to take back their consent at any given time.so make sure to include a contact number or mail in your forms.

Visit other settings and fine-tune your forms

DOs & DONTs for GDPR compliance

When you are creating a form, there are some things you need to do to make sure it’s GDPR compliant: Here, we have gathered some things to do and some things to avoid when you build your forms. You can view these as a GDPR compliance checklist

1 - Use separate fields for consent and terms & conditions

❌Don’t merge contact permission and terms & conditions: There should be no questions in people’s minds about what they consent to. Therefore it should be as clear as possible.

✅ Separate consent and terms & conditions: Have people consent to them one by one. This is the best practice to get it done.

2 - Enable editing by form takers

❌Don’t make the consent irretrievable: Consent can only be freely given by an informed individual. However, it can also be taken back at any given time. Give people the option to change their minds whenever they want by providing an opt-out form.

✅ Allow users to change their minds and opt out: When a person reaches you and wants you to delete their personal data, they should be able to do that by easily contact you.

3 - Avoid Pre-ticked boxes

❌Don’t make any decisions for them: When there are pre-ticked checkboxes about having their information taken or consenting to receive emails by your company, it is a violation of the GDPR. Any type of consent by default is not allowed.

✅Show everything separately and clearly: There should be no questions on people’s minds about what they consent to. Don’t make assumptions, and leave the given consent part to others.

Start with GDPR form templates for free

forms.app cares about data security and complying with the GDPR requirements. That is why, forms.app has appropriate form fields to collect explicit consent and necessary information. There are hundreds of ready-to-go templates, and you can use any of them to create fillable forms with a signature free of charge.

Research Consent Form Template

GDPR Compliant Contact Form

Informed Consent Form Template

SEE MORE TEMPLATES