What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.

At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.

We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.


  • Profile Image

    Where does the information go when a form is submitted? Need to know for PCI compliance.

    Asked by blackbear88 on May 13, 2016 at 04:00 PM

    We currently have the free starter account and did not know that you only have 10 submissions allowed when credit card information is entered. We may upgrade to the Bronze package. I have a few questions I would liked answered before we make the final decision. 

    We have set up  a reservation request form where the customer does enter credit card information. Two e-mails are sent out. One to the customer without any credit card information for their records. The second is sent to us a reservations@blackbearcamping.com. We log onto our server and get the information by secure e-mail.  Recently we did an upgrade to our website, server, SSL certificates and client e-mail software on all of our computers. I wish to make sure that the customer information remains secure.

     When a customer submits a reservation, we are sent an e-mail with their information.

    1. Where else does the information go?

    2. Does it go to Jot Form?

    3. IF yes, how long does Jot Form keep the information before it is deleted? 

    4. Can the information automatically be deleted when the request is sent to us?

    5. Who has access to this information?

    6. It looks like the paid service packages you offer have "SSL Secure Submissions." Is this correct?

     

    Would you please send your response to both of these e-mail addresses?

    bbcamping@aol.com

    reservations@blackbearcamping.com 

     

    Valerie

    Black Bear Campground

    Page URL:
    www.blackbearcamping.com

    PCI information a PCI compliance
  • Profile Image

    Answered by victor on May 13, 2016 at 04:42 PM

    Thank you for contacting us and your consideration in upgrading your plan.

    All submission data on our server are secure. We have a very powerful cloud of servers in SSAE16 Audited facilities which provides security protection against malicious attacks like SQL injection and denial of service (DOS) attacks.

    If you use SSL/secure form URL to accept submission, the data transferred from your browser to our server will also be secure. We support high-grade 256-bit encryption.

    1. Where else does the information go?

    2. Does it go to Jot Form?

    All information submitted by default goes through our servers. You may also integrate the form with Dropbox, google drive and the information will me automatically get copied there as well

    3. IF yes, how long does Jot Form keep the information before it is deleted? 

    No information is delete. Some will require to delete the submission manually from the submission page. In the bottom you will notice a grid. In the top right, you will be able to delete all the submission in batch

    4. Can the information automatically be deleted when the request is sent to us?

    Yes, you can use our auto-delete app. Once the data has been processed and all notification have been send, the information will by permanently be removed from our servers

    5. Who has access to this information?

    No one except you should have access to the information. You may create sub-users to share forms and data. They can also have permission to view and edit the data.

    6. It looks like the paid service packages you offer have "SSL Secure Submissions." Is this correct?

    Yes, by default all ours forms use SSL. You can use the secure / SSL form URL or embed script. 

    Here is a guide on how to receive SSL submissions:http://www.jotform.com/help/63-How-can-I-receive-SSL-Submissions

    If you want your form user to know that their data will be sent securely, you can add enable security certificate seal in your form. Here is a guide which you can refer:  http://www.jotform.com/help/131-Enabling-Security-Certificate-Seal-on-Secure-Forms

  • Profile Image
    JotForm Founder

    Answered by aytekin on August 02, 2016 at 09:16 AM

    Update: JotForm is now PCI DSS compliant. We have PCI Service Provider Level 2 certificate. We'd happy to provide certificate to any users who would need it for their payment gateway. Just contact our support team.