Please can you give me some more information regarding the security of the information on the form.

Good morning,

I am writing from a small business in the UK. We are really interested in using JotForm and really like the form we have been able to design. I have a few questions in relation to data security which I need to ask and hope you can help me with. 

Our business helps customers set up their utility bills when they move home and the purpose of us using a form is to get a customer's personal information as well as determining what services they require.

Firstly, how is the information on the submitted forms being stored and how long is it stored for? Are we able to delete entries?

Secondly, do Jotform keep the information on submitted forms and use the information in any way? Once I delete the form submissions, are they kept with Jotform?

Please can you give me some more information about the secure EU German servers mentioned on this site and how easy is it to encrypt my form?

Lastly, I ask customers for their bank account number and sort code to set up direct debit payments. This is not the long card number made to use purchases. I can see that you offer banking plugins however I am struggling to find a company who will provide me with the type of plug in I require. Am I okay to ask for this banking information as part of the form?

I hope that you can help and answer my questions.

Kind regards,

Jack Ray

Hello, Jack. To answer your questions:

1) The information stored on JotForm will be kept there until you decide to delete them. So yes, you should be able to delete your entries. Simply go to your form's submissions page and then you can delete the submissions there. You can check this guide to know how: https://www.jotform.com/help/377-How-to-Delete-Form-Submission-Data 

2) JotForm keeps the information on submitted forms on databases located in EU and US. But we do not use in any way the submissions your forms receive. We respect users' privacy and we would like to keep it that way. Please check our privacy policy here: https://www.jotform.com/help/9-Privacy-Policy

You can also set your account to be on EU Safe mode (submissions stored on Germany servers) by going to your Account Settings page. you can check if your account is currently in the EU Safe mode. You should also receive an email confirmation once all of your form data is transferred to our EU servers if your submissions was originally set from US then transferred to EU servers.

For form encryption. Please check this guide on how to use it: https://www.jotform.com/help/344-Encrypted-Forms-and-How-to-Use-Them. Although I recommend to make sure that once you encrypt the form, you get to keep a copy of your JotForm Key. Also, The encryption here is one way and cannot be decrypted any other way other than using the JotForm key. The submissions here cannot be exported as well. 

3) Unfortunately, we normally do not allow asking for such sensitive information. We have scanners that filter fields on every form and when it finds a field asking for sensitive information such as a bank account or credit card number, it flags the form and gets the account automatically suspended. We also do not have payment fields which collects bank account information.

With this, we'd like to know more information on the workflow that you might have, perhaps there can be a workaround on how you are to collect your information through your form.

We'll look forward to your response.

Thanks.

Hello! Thanks ever so much for getting back to me so quickly and with such great detail.

We do not have to ask for the bank account number and sort code in the form however we will need to ask for it at some point and would require a secure server and encrypted form for this information to go to.

The way our process works is:

1) Customer fills out our form

2) We present the customer with three options for their utility bills.

3) The customer chooses which option suits them and sets up their own internet and insurance bills.

4) Once this is done, we then set up the remainder of the bills for the customer including setting up the direct debit payments to pay for the bills.

You can do that with our service. 

As my colleague suggested you can Encrypt your submissions by following this guide: https://www.jotform.com/help/344-Encrypted-Forms-and-How-to-Use-Them

Regarding the collecting of the user's data, please check our Terms of use. As long as the data collected is not against our terms you're ok.

If you have any additional questions please let us know.

Thank you!

what do you mean by 'you can do that with our service'? Which part are you referring to?

i really like Jotform but need to know whether I can add the direct debit payment information to the form. 

I have attached a link as to how another company- Cancer Research UK ask for this information on their website- this is the information I require and the way I would like to ask for it. Because Jotform offers a secure and encrypted form would I be able to do the same?

https://donation.cancerresearchuk.org/my-donation?type=regular&frequency=monthly&_ga=1.114857415.1793322944.1491336048#regular

I'm sorry, I meant the steps you numbered.

The only way to collect payments through our forms is by using Payment integrations we have: https://www.jotform.com/help/323-Mastering-Payment-Form-Integrations-with-JotForm. Some of them have direct payment right in the form.

The form you provided you can make by using our Form Builder. Here is a starting guide: https://www.jotform.com/help/2-How-to-create-your-first-web-form

You can make a donation payment form as well, each of the Payment integrations supports that. 

As far as multiple payment options you can check this guide: www.jotform.com/help/182-How-to-Create-a-Basic-Multiple-Payment-form

If you need any further assistance please get back to us.

Thank you!