Collecting Sensitive Data

  • Profile Image
    loz_hayes
    Asked on September 12, 2017 at 04:00 AM

    Hi

    We use our form to collect some sensitive data from our clients and we have had a warning email from Jotform about this.

    It is however still unclear to me what it is you want me to do. Is simply adding some relevant text to the existing t&c's field good enough?

    We are a payroll company and need to collect certain info in order to process our clients wages.

    Regards

    Loz Hayes.

  • Profile Image
    Charlie
    Answered on September 12, 2017 at 04:54 AM

    Please do review the email sent by my colleague. Please also read our manager's response on this link: https://www.jotform.com/answers/720167. As much as possible, we do not allow user's collecting sensitive information using plain form fields like text boxes. However, there are exemptions if your company or business is related to MORTGAGE BROKER, INSURANCE BROKER BANK, Real Estate Broker, LENDING INSTITUTIONS and the like. In such case, collecting SSN or bank accounts can be allowed and it's not illegal and may be considered as long as you add an agreement text displayed on the form, a signature field and enabling the form encryption.

    However, if your company or business does not fall into the categories we mentioned, then you cannot collect sensitive information. You may review our Terms of Use page here: https://www.jotform.com/help/8-Terms-of-Use

    You may still continue using JotForm forms to collect basic information about your users, however, you may need to resort to a different approach if you wish to collect sensitive information. 

    I hope that helps. 

  • Profile Image
    sabbirahmedchow
    Answered on September 12, 2017 at 04:59 AM

    Since you are collecting sensitive data through your form, there could be any possible security issues. If you are getting any security related warning mail from JotForm, you must take extra security measures to your form like adding SSL certificates(If you don't have any yet). Also you must have a Privacy Policy so that your users feel secure while they put their Bank's sensitive info into your form. In addition, you can use our Encrypted Form. 

    Here is the link of how you can use it: 

    https://www.jotform.com/help/344-Encrypted-Forms-and-How-to-Use-Them