GDPR Policy
The General Data Protection Regulation (GDPR) is a privacy law in the European Union (EU) that grants EU citizens and residents the right to access and control their personal data.
Is Ikiform GDPR compliant?
Yes. Ikiform's data centers and servers are located in the EU, and we fully comply with the GDPR framework.
- Our Privacy Policy explains what data we collect, how long we retain it, how it may be transferred, and your data protection rights.
- All form data in Ikiform is encrypted both in transit and at rest, and securely stored within Europe.
- You have full control over the data you collect, store, and manage through Ikiform.
- We offer a Data Processing Agreement (DPA) for your convenience.
Please check the Ikiform DPA for more details.
Do you have a Data Processing Agreement?
By creating an Ikiform account and accepting our Terms and Conditions, professional users also agree to the terms of our Data Processing Agreement (DPA) on behalf of their company. No separate signature is required.
What happens with form data?
Ikiform provides the form-building service but does not own the responses collected through forms. The form creator is responsible for the data they collect and acts as the data controller for respondent information. Ikiform acts as the data processor, storing data on behalf of form creators.
- As long as your account remains active, you (the form creator) retain full control over the data you collect and how long you choose to store it.
- You can delete or export form responses from your account at any time if needed.
- We respect all deletion requests. Any form data you delete is permanently removed from our backups within 30 days.
How Ikiform uses your personal data
Ikiform acts as a data controller for the personal information you provide to us in order to use our service (such as registration details).
- We do not sell personal data to third parties, nor do we use it for marketing or advertising purposes.
- We only share your information with trusted service providers who assist us in operating Ikiform, and these providers are required to comply with the GDPR framework.
Subprocessors
We use trusted third-party subprocessors to provide and support Ikiform services. Here is a list of our main subprocessors, their use, and links to their privacy policies:
| Name | Use | Link |
|---|---|---|
| Vercel | Hosting | vercel.com |
| Supabase | Database, Authentication | supabase.com |
| Upstash | Redis (Rate Limiting, Caching) | upstash.com |
| Polar | Payment Processing | polar.sh |
| Cohere | AI Features (Form Generation, Analytics) | cohere.com |
| Resend | Email Delivery | resend.com |
| Crisp | Customer Support | http://crisp.chat/ |
Contacting Us About Data Privacy
If you have any questions about how we collect, use, or protect your personal data, you can contact our Data Protection Officer (DPO):