Privacy Policy

Introduction

This privacy policy explains how nFormr handles your personal information and data, and applies to all of the products, services and websites offered by nFormr and their affiliates (collectively, "nFormr"), except where otherwise noted. nFormr products, services and websites are collectively referred to as the "services" in this policy. Unless otherwise noted, all services are provided by nFormr, which is based in Guernsey.

In this policy, "you" refers to those who use and/or interact with any or all of our products, services, and websites, and "we", "us", and "our" refer to nFormr. "Customer"(s) refers specifically to those who use nFormr services. "Form Responders" refers to those who fill in and/or submit forms used by our Customers.

Information We Collect

From Our Customers

  • Registration information. When you register for an account with us so you can create and/or use forms, we collect your username, password and email address.
  • Billing information. If you make a payment to nFormr, PayPal requires that you provide your billing details, including name, address, email address and financial information corresponding to your selected method of payment (e.g. a credit card number and expiration date or a bank account number). We do not store or process this information, it is passed solely to PayPal so that they may process your subscription payments.
  • Account settings. Our customers can set various preferences and personal details on pages, such as your account settings page.
  • Form data. We store our customers’ form data (questions and responses), in some cases using third party server providers such as Amazon Web Services and Google Cloud.
  • Data you use to create forms is owned by you. nFormr treats your forms as private, unless you make them available to members of the public. We don’t sell or make forms you’ve created available to anyone, nor do we use the form responses you collect, for purposes unrelated to you or our services, except in a limited set of circumstances (e.g. nFormr is compelled by a subpoena or court order, or if you’ve given us permission to do so).
  • Form data is stored on servers located in Ireland. nFormr will process your form data on your behalf and under your instructions and pursuant to this privacy policy.

From Visitors to Our Websites

  • Usage data. We collect usage data when you interact with our services. This may include which web pages you visit, what you click on, when you performed those actions, and so on. Additionally, like most websites today, our web servers keep log files that record data each time a device accesses those servers. The log files contain data about the nature of each access, including originating IP addresses, internet service providers, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system versions, and timestamps.
  • Device data. We collect data from the device and application you use to access our services, such as your IP address, operating system version, device type, system and performance information, and browser type. We may also infer your geographic location based on your IP address.
  • Referral data. If you arrive at a nFormr website from an external source (such as a link on another website or in an email), we record information about the source that referred you to us.
  • Information from third parties. We may collect your personal information or data from third parties, if you have given permission to those third parties to share your information.
  • Information from page tags. We use third party tracking services that employ cookies and page tags (also known as web beacons) to collect aggregated and anonymized data about visitors to our websites. This data includes usage and user statistics. Emails sent by nFormr or by users through our services may include page tags that allow the sender to collect information about who opened those emails and clicked on links in them. We do this to allow the email sender to measure the performance of their email messaging and to learn how to improve email deliverability and open rates.
  • See our Cookie Policy for more info

From Form Responders

When you fill in or complete a form used by one of our Customers, we collect information relating to you and your use of our services:

  • Form responses. We collect and store the form responses that you submit, in some cases using third party server providers like Amazon Web Services or Google Cloud, on behalf of our Customers. The form creator (Customer) is responsible for this data, and they manage it. A form may ask you to provide personal information or data. If you have any questions about a form which a Customer has sent to you or given you access to fill in, or about the data to be provided in the form, please contact the form creator directly, since nFormr is not responsible for the content of that form. The form creator may have their own privacy policy.
  • Are your form responses anonymous?
    You will need to ask the form creator as it depends on how the individual, company or organization has chosen to configure the form(s). We provide information to form creators on how they can collect responses anonymously. However, even if a form creator has followed those steps, specific questions in the form may still ask you for your personal information or data that could be used to identify you.

How We Use And Disclose Your Information

Customers

We treat unique form questions and responses as information that is private, unless a party other than nFormr has made that information public. We don’t use form data other than as described in this privacy policy without our Customers’ consent. We don’t sell Customers’ form data, nor do we make it available to third parties without the Customer’s permission.

We use information gathered from and provided by our Customers to do the following for our Customers:

Provide services and technical support, assist them with form design and creation, provide technical troubleshooting, manage our relationship with them, and to gather information on how they use our services.

Certain features of our services use the content of form questions and responses and Customer account information in additional ways. Feature descriptions will identify where this is the case. Customers can avoid the use of form data in this way by simply choosing not to use such features. For example, by using our form templates feature, to add questions to forms, you also permit us to aggregate the responses you receive to those questions with responses received by other form templates users who have used the same questions. We may then report statistics about the aggregated (and de-identified) data sent to you and other form creators.

If you choose to link your nFormr account with a third party account, such as your Google or Facebook account, nFormr may use the information you allow us to collect from those third parties to provide you with additional features, services, and personalized content.

In order to provide you with useful options to use the services together with social media and other applications, we may give you the option to export information to, and collect information from, third party applications and websites, including platforms such as Google and Twitter and social networking sites such as Facebook. When exporting and collecting such information, you may be disclosing your information to the individuals or organizations responsible for operating and maintaining such third party applications and sites, and your information may be accessible by others visiting or using those applications or sites. We do not own or operate third party applications or websites that you connect with – you should review the privacy policies and statements of such websites to ensure you are comfortable with the ways in which they use the information you share with them.

To manage our services. We use your information, including certain form data, for the following limited purposes:

  • To monitor, maintain, and improve our services and features. We internally perform statistical and other analysis on information we collect, including usage data, device data, referral data, question and response data and information from page tags, to analyze and measure user behavior and trends, to understand how people use our services, and to monitor, troubleshoot and improve our services, including to help us evaluate and design new features. We may use your information internally in order to keep our services secure and operational, such as for troubleshooting and testing purposes, and for service improvement, marketing, research and development purposes.
  • To enforce our Terms of Use.
  • To prevent potentially illegal activities.
  • To screen for and prevent undesirable or abusive activity. For example, we have automated systems that screen content for activities such as, phishing, spam, and fraud.

To create new services, features or content. We may use your form data and form metadata (that is, data about the characteristics of a form) for our internal purposes to create and provide new services, features or content. Regarding form metadata, we may look at statistics like response rates, question and answer word counts, and the average number of questions in a form, and publish interesting observations about these for informational or marketing purposes. When we do this, neither individual form creators nor form responders will be identified or identifiable unless we have obtained their permission.

To facilitate account creation and the logon process. If you choose to link your nFormr account to a third party account, such as your Google or Facebook account, we use the information you allowed us to collect from those third parties to facilitate the account creation and login process.

To contact you about your service or account. We will occasionally send you communications of a transactional nature (e.g. service-related announcements, billing-related matters, changes to our services or policies, a welcome email when you first register). You are prevented from opting out of this type of communication since it is required to provide our services to you.

To contact you for marketing purposes. We will send you promotional emails only if you have consented to us contacting you for this purpose. You may opt out of these communications at any time by clicking on the "unsubscribe" link in them, or changing the relevant setting on your account page.

To respond to legal requests and prevent harm. If we receive a subpoena or other legal request for information, we may need to inspect the data held to determine the appropriate response.

Form responders

Personal information a form responder includes in a form belongs to the responder, unless the responder has given rights in that information to the Customer who provided them with the form. Check with the Customer if you have questions about that. Form submission data is managed by the form creator (the Customer). nFormr treats that information as private unless the responder and/or Customer has made it publicly available. Please contact the form creator directly to understand how they use your form responses. Some form creators may provide you with a privacy policy or notice at the time you complete its form, and we encourage you to review that to understand how the form creator will handle your responses.

We do not sell personal information gathered from form responses. We won’t make available form responses to third parties without permission, and we won’t use any contact details collected in our customers’ forms to contact form responders.

See the section above for information on how we use data provided by our Customers or to which our Customers have given us access.

Website visitors

See the section above regarding information related to visitors to our websites. We use that information, including but not limited to cookies, customer data, usage data, device data, referral data and information from page tags, to manage and improve our services, to serve and support our Customers, for research purposes, and for the other various purposes described in this privacy policy.

No Sale or Leasing of Your Information

We will not sell or lease your personal information to any third party. We may disclose aggregate demographic and statistical information with our business partners, but this information is not specific to the identification of you as an individual.

Generally

We may disclose information with third parties, for limited purposes, as follows:

  • Your information to our service providers. We use service providers who help us to provide you with our services. We give some personnel of these providers access to your information, but only to the extent necessary for them to perform their services for us. Our contracts with our service providers require them to maintain technical protections to ensure the confidentiality of your personal information and data, to use it only for the provision of their services to us, and to handle it in accordance with this privacy policy. Examples of service providers include payment processors, hosting services, email service providers, and web traffic analytics tools.
  • Your account details to your billing contact. If your account holder details are different from the billing contact listed for your account, we may disclose your identity and account details to the billing contact upon their request. We typically will attempt to notify you of such requests. By using our services and agreeing to this privacy policy, you consent to this disclosure.
  • Your email address to your organization. If the email address under which you’ve registered your account belongs to or is controlled by an organization, we may disclose that email address to that organization in order to help it understand who associated with that organization uses our services, and to assist the organization with its enterprise accounts.
  • Aggregated or de-identified (anonymized) information to third parties to improve or promote our services. We do this so that no individuals can reasonably be identified or linked to any part of the information we share with third parties to improve or promote our services.
  • The presence of a cookie to advertise our services. We may ask advertising networks and exchanges to display ads promoting our services on other websites. We may ask such parties to deliver those ads based on the presence of a cookie that was placed when you visited one of our websites, but in doing so we will not share any other personal information with the advertiser. Our advertising network partners may also use cookies and page tags or web beacons to collect certain non-personal information about your activities on this and other websites to provide you with targeted advertising based upon your interests.
  • Your information if required or permitted by law. We may disclose your information as required or permitted by law, or when we believe that disclosure is necessary to protect our rights, protect your safety or the safety of others, and/or to comply with a judicial proceeding, court order, subpoena, or other legal process served on us.
  • Your information if there’s a change in business ownership or structure. If ownership of all or substantially all of our business changes, or we undertake a corporate reorganization, including a merger, acquisition or consolidation or any other action or transfer between nFormr entities, you expressly consent to nFormr transferring your information to the new owner or successor entity so that we can continue providing our services.
  • Information you expressly consent to be shared. For example, nFormr may expressly request your permission to provide your contact details to third parties for various purposes, including to allow those third parties to contact you for marketing purposes. If you give your permission, you may later revoke your permission, but if you wish to stop receiving communications from a third party to which we provided your information with your permission, you will need to contact that third party directly.
  • If you’re a Customer, you are able to control who can take your form by changing your collector settings. For example, forms can be made completely public, and indexable by search engines. You can also choose to share your form responses instantly or at a public location.

Please note that, if you’re a form responder or Customer who has entrusted us with safeguarding the privacy of your personal information, we will not disclose or share it with third parties unless we have (a) given you notice, such as in this privacy policy, (b) obtained your express consent, such as through an opt-in checkbox, or (c) de-identified or aggregated the information so that individuals or other entities cannot reasonably be identified by it. Where required by law to disclose your information, we will notify you of this before disclosing it.

By using our services or visiting our websites, you consent to the above-described disclosures.

In some cases, the applications or user interfaces you encounter while on our sites are managed by third parties, who may require that you provide your personal information. We are not responsible for the privacy practices of these third party services or applications. We recommend carefully reviewing the user terms and privacy statement of each third party service, website, and/or application prior to use.

How Long We Retain Your Information

We generally retain your information for as long as you have an account with us, or as long as necessary to otherwise to provide services to you, to comply with our legal obligations, resolve disputes, or comply with and enforce our agreements. Data that is deleted from our servers may remain as residual copies on offsite backup media for up to approximately one month afterward.

Legal Basis for Use of Your Information

Personal information that we collect is processed under the following legal basis:

Our legitimate interests. This includes:

  • to enable us to provide our products and services and website use and access to you
  • for analytics, to gather metrics to better understand how users use the our websites, and to evaluate and improve our websites
  • to prevent fraud and other illegal activity
  • the legitimate interests of others (for example, to ensure the security of our website)
  • to comply with legal obligations, as part of our general business operations, and for other internal business administration purposes
  • if we collect demographic information from you (such as gender and ethnic origin) in order to carry out diversity monitoring and such information is not collected in an anonymous format, then we rely on our legitimate interest to do so.

Contractual obligations. For the performance of contractual obligations between you and nFormr, including the nFormr Terms of Use and/or in our separate written contract with you.

Consent. Where required by law, we may process your personal information in some cases for marketing purposes on the basis of your consent (which you may withdraw at any time after giving it, as described in this privacy policy).

Your Rights

Deletion of Personal Information

You may be entitled to request that we delete your personal information in certain specific circumstances. If you wish to exercise this right, please submit your request using this form. We will consider all such requests and provide our response within a reasonable period (but no longer than one calendar month from our receipt of your request unless we tell you that we are entitled to a longer period under applicable law). We may require you to verify your identity before we respond to your request. Certain personal information may be exempt from such requests in certain circumstances, including as provided for in this privacy policy.

Access, Update, Data Portability and Other Rights

You may also be entitled to access your information, update your personal information which is out of date or incorrect, restrict use of your personal information in certain specific circumstances, place a data portability request (applicable only when we use your personal information on the basis of your consent or performance of a contract, and where our use of your information is carried out by automated means), and ask us to consider any valid objections which you have to our use of your personal information where we process it on the basis of our or another person’s legitimate interest. Requests should be directed via this form.

We will consider all such requests and provide our response within a reasonable period (but no longer than one calendar month from our receipt of your request unless we tell you we are entitled to a longer period under applicable law). We may require you to verify your identity before we respond to any of your requests. Certain personal information may be exempt from such requests in certain circumstances, including as provided for in this privacy policy.

Children’s Privacy

Use of our websites is intended for adults at least eighteen (18) years of age. We do not knowingly collect personally-identifying information from children under the age of thirteen (13).

Complaints

You also have the right to lodge a complaint before a supervisory data protection authority regarding our data processing. If you are in the UK, the data protection authority is the UK Information Commissioner’s Office available at https://ico.org.uk/.

How To Contact Us Regarding Your Personal Information

If you have any questions about this privacy policy, you may contact us using this form.

Last Update: June 16, 2021