Security

How we protect your data and keep your form submissions safe.

Infrastructure

  • EU-based hosting - Servers located in the European Union (Hetzner Cloud)
  • Daily backups - Automated database backups every 24 hours
  • HTTPS everywhere - All traffic encrypted with TLS

Data Protection

  • Data stored in EU - Your data never leaves the European Union
  • Automatic deletion - Submissions deleted after your retention period expires
  • Privacy by design - We only collect what's necessary to provide the service
  • Data export - Export your data anytime in CSV or JSON format

API Security

  • Hashed API keys - Keys are hashed with SHA-256 before storage
  • Rate limiting - Protection against abuse and brute-force attacks
  • Input validation - All inputs validated and sanitized
  • Instant revocation - Disable compromised API keys immediately

Authentication

  • OAuth login - Sign in securely with Google or GitHub
  • Magic links - Passwordless email authentication
  • Secure sessions - HttpOnly cookies with automatic expiration

Payment Security

  • Stripe payments - All payments handled by PCI-compliant Stripe
  • No card storage - We never see or store your credit card details

Spam Protection

  • AI-powered detection - Intelligent spam filtering using GPT-4
  • Rule-based filters - Fast pattern matching blocks obvious spam
  • Spam doesn't count - Blocked spam doesn't use your quota

Security Questions?

If you have security concerns or want to report a vulnerability, please contact us.

Contact Us

Keep Your Account Secure

  • • Never share your API keys or commit them to version control
  • • Store API keys in environment variables, not in code
  • • Rotate your API keys periodically
  • • Monitor your dashboard for unexpected activity
  • • Revoke keys you no longer use
Privacy PolicyTerms of ServiceCookie Policy