Privacy Policy

The Privacy Policy for form0.app


Your privacy is fundamental to our mission. form0.app is built on the principle of data minimization and user control. This policy explains our privacy-first approach and transparent practices.

Our Privacy-First Commitment

Zero Form Data Storage: We never store, cache, or retain any form submission data. All submissions are processed in real-time and immediately forwarded to your specified webhook endpoints without persistence on our servers.

Your Data, Your Control: You own and control all form data. We simply act as a secure bridge between your forms and your chosen automation platforms.

Information We Collect

Account Information

When you create an account with form0.app, we collect:

  • Authentication data when you sign in (Google, Twitter, GitHub, etc.)
  • Email address for account management and communication
  • Display name and profile information from your chosen authentication provider

Form Configuration Data

To provide our service, we store:

  • Form metadata (names, field configurations, themes)
  • Webhook URLs (encrypted and secured)
  • Webhook authentication credentials (encrypted)
  • Form status and settings
  • Creation and modification timestamps

Analytics and Usage Data

We collect minimal analytics to improve our service:

  • Form submission success/failure rates (metadata only)
  • Device type and browser information
  • Timestamp data for submissions
  • Error patterns and performance metrics
  • No personally identifiable information from form submissions

Payment Information

For paid subscriptions:

  • Billing information is processed securely through Creem, our payment processor
  • We do not store payment card details on our servers
  • Transaction records for subscription management

What We DON'T Collect or Store

Form Submission Data: We never store, log, or retain any data submitted through your forms. This includes:

  • User responses to form fields
  • Uploaded files (these are forwarded directly to your webhook)
  • Personal information submitted by your form users
  • Any content within form submissions

How We Handle Data

Form Submissions Processing

  1. Form data is received and validated in real-time
  2. Data is immediately forwarded to your webhook endpoint
  3. Response is sent back to the form user
  4. No submission data is retained in memory or logs
  5. Only success/failure metadata is recorded for analytics

Security Measures

  • Encryption: Webhook URLs and authentication credentials are encrypted
  • Secure Transmission: All data transmitted over secure connections
  • Access Control: Strict user authentication and form ownership validation
  • No Data Persistence: Form submission data never touches our database
  • Webhook Security: Digital signatures for webhook verification

Data Storage and Retention

  • Account Data: Retained while your account is active
  • Form Configurations: Retained until forms are deleted
  • Analytics Data: Aggregated, anonymized data retained for service improvement
  • Logs: System logs containing no personal data, retained for 30 days maximum

Third-Party Services

Our service integrates with:

  • Authentication Providers: Google, Twitter, GitHub (for account access)
  • Payment Processors: Creem for subscription billing (industry-standard security)
  • Your Chosen Webhooks: n8n, Make.com, or any webhook endpoint you configure

We do not share your data with these services beyond what's necessary for their function. Please refer to their respective privacy policies for their data handling practices.

Your Rights and Control

As a form0.app user, you have complete control:

  • Data Portability: Export your form configurations at any time
  • Deletion Rights: Delete individual forms or your entire account
  • Access Control: Manage who can access your forms
  • Webhook Management: Full control over where your data is sent
  • Account Termination: Self-service account deletion available. For details about account termination procedures, see our Terms & Conditions

Data Sharing

We do not sell, rent, or share your personal information with third parties, except:

  • When required by law or legal process
  • To protect our rights, safety, or property
  • With your explicit consent
  • As part of a business transfer (with continued privacy protection)

International Data Transfers

Your data may be processed and stored in various countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers.

Children's Privacy

Our service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.

Changes to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. We will notify users of significant changes via email or through our service.

Transparency and Trust

We believe in complete transparency about our data practices:

  • Privacy by Design: Our platform is built with privacy as a core principle
  • Regular Security Reviews: We continuously evaluate our security measures
  • User Education: We provide clear documentation about our privacy protections

Contact Us

If you have questions about this privacy policy or our data practices:

Compliance

This policy complies with applicable privacy laws including GDPR, CCPA, and other regional privacy regulations. We are committed to meeting the highest standards of privacy protection.


Last Updated: 16 July, 2025

This policy reflects our commitment to privacy-first form building. Your trust is essential to our mission of providing secure, private form solutions.