- Penny5Asked on August 14, 2015 at 11:56 AM
We are based in the Uk and abide by 'the Data Protection Act' and 'The Privacy and Electronic Communications (EC Directive) Regulations.
We are currently writing our 'Privacy, Data Protection' policy for our new site soon to be launched.
As our customers 'personal information' i.e name, address, phone number etc will be transfered out of the EU and held on the Jotform servers we need to know and inform our customer on how you (Jotform) protects, processes and hold this personal information.
You state in your T&Cs that we would own this personal information however you do not explain how you protect this data, process and store it. Do you share, disclose, rent, sell this data in part or full to any third parties? Does this data get removed perminently off your servers after a certain amount of time?
Thanks for your helpPage URL:
- CharlieAnswered on August 14, 2015 at 02:51 PM
Here are some of the security information that we can share on how and where the data are stored:
- We have bug bounty programs where we pay outside parties for
reporting vulnerabilities in our system.
- Our servers are protected by private networks and constantly updated
- Our system administrators have a collective 40+ years of industry experience.
- Our development team is encouraged to follow best security practices.
- All data transfer are made of 256-bit SSL secure connection.
- Our servers are located on SSAE16 Audited facilities.
The submission data will not expire and will remain in your account. If you decide to delete it, it will permanently be removed in our servers without backup, this means we cannot retrieve/restore them.
Should you need more information on this, please let us know.
- KadeJMAnswered on November 02, 2015 at 11:21 AM
We would like to update you by telling you that we have released our solution to Safe Harbor Invalidation. You may read more about it via this link here http://www.jotform.com/eu-safe-forms/ where you can switch your account over to our European Servers.