Privacy Policy
The Privacy Policy for form0.app
Your privacy is fundamental to our mission. form0.app is built on the principle of data minimization and user control. This policy explains our privacy-first approach and transparent practices.
Our Privacy-First Commitment
Zero Form Data Storage: We never store, cache, or retain any form submission data. All submissions are processed in real-time and immediately forwarded to your specified webhook endpoints without persistence on our servers.
Your Data, Your Control: You own and control all form data. We simply act as a secure bridge between your forms and your chosen automation platforms.
Information We Collect
Account Information
When you create an account with form0.app, we collect:
- Authentication data when you sign in (Google, Twitter, GitHub, etc.)
- Email address for account management and communication
- Display name and profile information from your chosen authentication provider
Form Configuration Data
To provide our service, we store:
- Form metadata (names, field configurations, themes)
- Webhook URLs (encrypted and secured)
- Webhook authentication credentials (encrypted)
- Form status and settings
- Creation and modification timestamps
Analytics and Usage Data
We collect minimal analytics to improve our service:
- Form submission success/failure rates (metadata only)
- Device type and browser information
- Timestamp data for submissions
- Error patterns and performance metrics
- No personally identifiable information from form submissions
Payment Information
For paid subscriptions:
- Billing information is processed securely through Creem, our payment processor
- We do not store payment card details on our servers
- Transaction records for subscription management
What We DON'T Collect or Store
Form Submission Data: We never store, log, or retain any data submitted through your forms. This includes:
- User responses to form fields
- Uploaded files (these are forwarded directly to your webhook)
- Personal information submitted by your form users
- Any content within form submissions
How We Handle Data
Form Submissions Processing
- Form data is received and validated in real-time
- Data is immediately forwarded to your webhook endpoint
- Response is sent back to the form user
- No submission data is retained in memory or logs
- Only success/failure metadata is recorded for analytics
Security Measures
- Encryption: Webhook URLs and authentication credentials are encrypted
- Secure Transmission: All data transmitted over secure connections
- Access Control: Strict user authentication and form ownership validation
- No Data Persistence: Form submission data never touches our database
- Webhook Security: Digital signatures for webhook verification
Data Storage and Retention
- Account Data: Retained while your account is active
- Form Configurations: Retained until forms are deleted
- Analytics Data: Aggregated, anonymized data retained for service improvement
- Logs: System logs containing no personal data, retained for 30 days maximum
Third-Party Services
Our service integrates with:
- Authentication Providers: Google, Twitter, GitHub (for account access)
- Payment Processors: Creem for subscription billing (industry-standard security)
- Your Chosen Webhooks: n8n, Make.com, or any webhook endpoint you configure
We do not share your data with these services beyond what's necessary for their function. Please refer to their respective privacy policies for their data handling practices.
Your Rights and Control
As a form0.app user, you have complete control:
- Data Portability: Export your form configurations at any time
- Deletion Rights: Delete individual forms or your entire account
- Access Control: Manage who can access your forms
- Webhook Management: Full control over where your data is sent
- Account Termination: Self-service account deletion available. For details about account termination procedures, see our Terms & Conditions
Data Sharing
We do not sell, rent, or share your personal information with third parties, except:
- When required by law or legal process
- To protect our rights, safety, or property
- With your explicit consent
- As part of a business transfer (with continued privacy protection)
International Data Transfers
Your data may be processed and stored in various countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers.
Children's Privacy
Our service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.
Changes to This Policy
We may update this privacy policy to reflect changes in our practices or legal requirements. We will notify users of significant changes via email or through our service.
Transparency and Trust
We believe in complete transparency about our data practices:
- Privacy by Design: Our platform is built with privacy as a core principle
- Regular Security Reviews: We continuously evaluate our security measures
- User Education: We provide clear documentation about our privacy protections
Contact Us
If you have questions about this privacy policy or our data practices:
- Email: [email protected]
- Support: Contact us through your dashboard
Compliance
This policy complies with applicable privacy laws including GDPR, CCPA, and other regional privacy regulations. We are committed to meeting the highest standards of privacy protection.
Last Updated: 16 July, 2025
This policy reflects our commitment to privacy-first form building. Your trust is essential to our mission of providing secure, private form solutions.