Data security will always be a top priority at JotForm. We take our users’ privacy and security very seriously, and we’re always working towards staying ahead of the curve to ensure the highest level of protection.
Today, we are delighted to announce Privacy Shield. EU-US Privacy Shield, together with a signed JotForm Data Processing Addendum, ensures the compliant transfer of personal data from data controllers in the EU to data processors in the US. JotForm customers can safely transfer their content outside the European Economic Area (EEA) to any country, including to the US, with the knowledge that JotForm is fully compliant with EU data protection requirements.
What does this mean for you?
EU-US Privacy Shield does not affect the way customers use, or work, with JotForm.
JotForm offers customers a Data Processing Addendum, including Model Clauses (Data Processing Addendum) that was approved in 2015 by the EU data protection authorities, known as the Article 29 Working Party. This Data Processing Addendum enables our customers to transfer personal data outside the European Economic Area (EEA) to any country in the world, while maintaining compliance.
JotForm is committed to subjecting all personal information and data received from European Union (EU) member countries and Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.
JotForm is GDPR Compliant
If you are located in or do business in the European Union (EU), you need to follow new, stricter customer data protection rules. The GDPR is now the standard for consumer data protection rights, and JotForm helps you proactively comply with these new data protection standards. JotForm is GDPR compliant, and we make it easy for our customers to show that they use JotForm in a GDPR-compliant way. We provide a DPA which is a self-serve and easy-to-execute document pre-signed by JotForm. It only requires an electronic signature from the user. Once the DPA is filled out and submitted, it will automatically be sent to JotForm’s legal team for final review. If it is correctly completed, the DPA will then become legally binding.
Our US and German servers are constantly updated and monitored. We routinely run security audits, directing PCI scans to detect any kind of vulnerability of the publicly available interfaces. When it comes to protecting your form data, we can promise that we will always go the extra mile. Learn more about how JotForm works hard to protect your security behind the scenes here.