Paperform logo
COVID-19ProductTemplatesPricingBlogSign in
COVID-19ProductTemplatesPricingBlogSign in

Where can I learn more about GDPR and Paperform?

Help About Paperform Security & Compliance

Security & Compliance

Can I capture sensitive and private information, such as credit card details or medical information?Capturing Sensitive Information with PaperformHow do I make a claim of copyright infringement against a form? How do I make a data or GDPR request?Is Paperform HIPAA compliant?What security measures does Paperform have in place?Where can I learn more about GDPR and Paperform?How do I remove the "suspicious warning" on my forms?What are Paperform's Terms and Conditions, and Privacy Policy?Where can I report people using your services for abusive and malicious behaviour?

What’s GDPR?

The EU General Data Protection Regulation (“GDPR”) is a comprehensive data protection law that came into effect on May 25, 2018. It replaced the EU Data Protection law with the intention of strengthening the protection of “personal data” and the rights of the individual. It is a single set of rules which govern the processing and monitoring of EU data.

Does it affect me / my business?

If you hold or process the data of an any person in the EU, the GDPR will most likely apply to you, whether you’re based in the EU or not. Seek legal advice to make a determination and plan for compliance.

I’m a Paperform customer, how does Paperform relate to me in terms of GDPR?

There are two different kinds of relationships defined in GDPR, that of “Controller” and that of “Processor”. The relationship between you as a customer and Paperform falls under both of these categories.
Paperform acts as a Controller in our direct relationship with you as a customer, and the information you give us directly (for example, that which is given when signing up).
The service Paperform provides however is as a Processor. We process and store information from respondents on the behalf of our customers.

Must data be stored in the EU to be GDPR Compliant?

No, this is a common misconception. While there are parts of regulation that apply to the transfer of data across regions, there is no requirement for data be stored in the EU.

What has Paperform done in regards to GDPR?

We have taken several important steps:

  1. We’ve built new features internally to ensure that we can meet our GDPR obligations, including permanently deleting customer data on request.
  2. We’ve updated our Privacy Policy and Terms and Conditions. Of particular importance for our EU customers, we have included a Data Processing Agreement into the general Terms and Conditions. View the DPA here.
  3. We’ve appointed an EU Representative for Paperform. See the Privacy Policy for more information.
  4. We’ve reviewed our vendors, discussed their GDPR plans, and arranged similar GDPR-ready data processing agreements with them.
  5. We’ve reviewed and implemented new internal security measures to ensure your data is safe.

Still have questions?

Talk to us at mailto:support@paperform.co.

Related Articles

What is your contact information for legal inquiries?
Please contact legal@paperform.co with any legal inquiries.