If you would like to report a vulnerability or security concern regarding any formsure.co product, please contact [email protected] We will verify the report and take corrective action as soon as possible, then notify our users and the relevant authorities of the issue.
We use industry best practices for security and privacy, and have vetted all third-party processors we employ for compliance as well. Data controlled by our customers and provided via our API is ultimately our customers' responsibility under the GDPR, but we provide tools such as data retrieval via our GROQ query language, custom data retention policies, and APIs for permanent data deletion, as well as strict security practices, which allows our customers to remain compliant as well.
Amazon Web Services (AWS), which hosts formsure.co, undergoes regular independent audits for a range of standards including ISO 27001, ISO 27017, ISO 27018, SOC 2, SOC 3, CSA STAR, EU-U.S. Privacy Shield, HIPAA, and PCI DSS.FAQ
If a security issue or data leak is discovered, we will notify the affected users and relevant authorities as soon as possible, in line with current regulations. We also publish live reports of operational issues on our status page, which supports email notifications as well.