Privacy Policy

How we collect, use, and protect your information

Last Updated: January 28, 2026

1. Introduction

FormSqueezy ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our form backend service ("Service").

By using FormSqueezy, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide to us, including:

  • Account Information: Name, email address, password, and billing information when you create an account
  • Profile Information: Company name, job title, and other optional profile details
  • Payment Information: Credit card details and billing address (processed securely through our payment provider)
  • Communications: Information you provide when contacting our support team

2.2 Form Submission Data

When forms are submitted through our Service, we collect and store:

  • All data fields submitted through the form
  • File attachments (if applicable)
  • Submission timestamp
  • IP address of the form submitter
  • User agent (browser/device information)

2.3 Automatically Collected Information

When you access our Service, we automatically collect:

  • Device Information: Browser type, operating system, device type
  • Log Data: IP address, access times, pages viewed, referring URL
  • Cookies: Session cookies and persistent cookies for authentication and preferences
  • Usage Data: Features used, actions taken, and performance metrics

3. How We Use Your Information

We use the collected information for the following purposes:

Purpose Description
Service Delivery To provide, maintain, and improve our form backend service
Account Management To create and manage your account, process payments, and provide customer support
Communication To send transactional emails, notifications, and respond to inquiries
Analytics To understand usage patterns and improve user experience
Security To detect, prevent, and address fraud, abuse, and security issues
Legal Compliance To comply with legal obligations and protect our rights

4. Data Sharing and Disclosure

4.1 Service Providers

We may share your information with third-party service providers who assist us in operating our Service:

  • Cloud Hosting: Supabase for database and authentication
  • Email Services: Resend for transactional and notification emails
  • Payment Processing: Stripe for secure payment handling
  • Analytics: Services to help us understand usage patterns

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court order, subpoena).

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

4.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

4.5 What We Never Do

  • We never sell your personal information to third parties
  • We never share form submission data with advertisers
  • We never use your data for purposes unrelated to providing our Service

5. Data Retention

We retain your information for as long as necessary to provide our Service and fulfill the purposes described in this policy:

  • Account Data: Retained while your account is active and for 30 days after deletion
  • Form Submissions: Retained according to your subscription plan's data retention period
  • Billing Records: Retained for 7 years for tax and legal compliance
  • Log Data: Retained for 90 days for security and troubleshooting

6. Data Security

We implement appropriate technical and organizational measures to protect your information:

  • Encryption: All data is encrypted in transit (TLS/SSL) and at rest
  • Access Controls: Strict access controls and authentication requirements
  • Infrastructure: Hosted on secure, SOC 2 compliant infrastructure
  • Monitoring: Continuous security monitoring and incident response procedures
  • Employee Training: Regular security awareness training for our team

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

You can access your account data at any time through your dashboard. You may request a copy of your data in a portable format.

7.2 Correction

You can update your account information at any time. Contact us if you need assistance correcting any data.

7.3 Deletion

You can delete your account at any time. Upon deletion, we will remove your data within 30 days, except where retention is required by law.

7.4 Opt-Out

You can opt out of marketing communications by clicking the unsubscribe link in any email or updating your notification preferences.

7.5 Cookie Preferences

You can control cookies through your browser settings. Note that disabling certain cookies may affect Service functionality.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers, including:

  • Standard Contractual Clauses approved by relevant authorities
  • Data processing agreements with our service providers
  • Compliance with applicable data protection laws

9. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to review their privacy policies before providing any information.

11. Your Responsibilities as a Data Controller

When you use FormSqueezy to collect form submissions, you act as a data controller for that data. You are responsible for:

  • Providing appropriate privacy notices to form submitters
  • Obtaining necessary consents for data collection
  • Responding to data subject requests from form submitters
  • Complying with applicable data protection laws
  • Ensuring the security of credentials for client portal access

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification for significant changes

Your continued use of the Service after any changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

14. Data Protection Officer

For data protection inquiries in the European Union, you may contact our Data Protection Officer at dpo@formsqueezy.com.

15. Supervisory Authority

If you are located in the European Economic Area and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection supervisory authority.