GDPR Compliant Forms

We cover all the GDPR bases. If you run a website that collects personal data from users in the European Union, you need to make sure your website is GDPR compliant. This includes ensuring that any forms on your website, such as contact forms or newsletter sign-ups, are also GDPR compliant.

Image showing a GDPR compliant contact us form

Trusted by 35,000+ clients, from small businesses to large enterprises

Airbus Logo LG Logo Hilti Logo University of Oxford Logo Husqvarna Logo

What Is GDPR and Why is it important?

GDPR stands for General Data Protection Regulation and it is a regulation in the European Union that aims to protect the privacy and personal data of EU citizens. It is important because it gives individuals more control over their personal data and requires companies to be transparent about how they collect, use, and store that data. Failure to comply with GDPR can result in significant fines and damage to a company’s reputation.

Before we dive deeper into how 123FormBuilder handles GDPR compliance, please keep in mind that GDPR compliance responsibility falls on you, the customer, us, the form builder, and your form respondents as well.

Image showing GDPR forms

Understand the GDPR regulations

All entities involved in data collection are affected by GDPR: consumers, businesses, SaaS companies, and everyone in between.

The definition of data collection is pretty broad in GDPR terms, so if you think you’re not collecting data, make sure to triple-check because chances are that you are somehow collecting information from the users landing on your site. Just to give you an idea of how broad “data collection” is as a term, some examples of personal information include but are not limited to:

  • Names
  • Identification numbers
  • Location data
  • Email addresses
  • Home addresses
  • Phone number
  • Any kind of personal data about your customers, employees, stakeholders, collaborators, and so on
  • Cookie information collected via browsers and other online identifiers
Image showing GDPR data fields

Build GDPR Compliant Forms

The first step in building GDPR-compliant forms is to identify the data you need to collect. This means taking a close look at your business processes and determining what information is necessary for you to provide your services or products.

It’s essential to only collect data that is relevant and necessary, as collecting too much data can put you at risk for non-compliance. Once you have identified the data you need to collect, you can move on to the next step of building your forms with GDPR compliance in mind.

123Form Builder has taken all necessary steps to make sure our forms are GDPR-compliant.

Image showing 123FormBuilder GDPR compliant form building platform

Why customers choose us


GDPR gave us a chance to really review everything and that’s what led us to 123FormBuilder. I needed a piece of software that allowed people to upload video, images, and documents to us safely, and that’s why we came to 123FormBuilder. In addition to that, 123FormBuilder offered us two-step authentication which was not an option for other form builders out there.

Impact of GDPR on Customers

To ensure that your forms are GDPR compliant, it’s important to obtain explicit consent from users. This means that you need to clearly explain what data you will be collecting, how it will be used, and who it will be shared with. You should also provide users with the option to withdraw their consent at any time.

To obtain explicit consent, include a checkbox or other mechanism on your forms that requires users to actively opt-in to providing their information. This will help ensure that you are collecting data in a transparent and ethical manner, and will help protect your users’ privacy.

By following these guidelines, you can build GDPR compliant forms that are both effective and ethical.

Image showing the impact of GDPR on Customers

123FormBuilder’s commitment to GDPR

We are a GDPR compliant form builder because we are doing everything on our end to ensure the protection of the personal data flowing through our forms.

For example, we have set up:

  • Procedures on how we control access to our network
  • Procedures on how we maintain the security of our network
  • We have implemented new features and processes to assure our compliance with the requirements.
  • We have identified our obligations and our customers’ obligations and we have documented everything so that it is easier for our customers to comply with the GDPR requirements.
  • All 123FormBuilder employees have been trained to uphold data protection standards. Moreover, we repeat these training sessions periodically.
123FormBuilder’s commitment to GDPR

What you must Do to Make Your Forms GDPR Compliant

GDPR compliance steps vary based on company specifics such as business scope, product type, information collection methods, and other factors.

However, what we advise our customers to do is:

  • Analyze your business processes, systems, the ways you process personal data, and check if they meet the GDPR requirements. If they don’t meet the GDPR requirements, make a plan to address the issues.
  • Review your obligations as a Data Controller on our platform.
  • Sign our Data Processing Addendum, as described and provided in the following section of this page.
  • Create your forms in 123FormBuilder, making sure they follow GDPR regulations and some of the best GDPR form best practices, including:
  • Allowing users to correct, update, or ask for the deletion of their personal data.
  • Enable the “Edit Submission” feature on your forms.
  • Send a copy of the completed form to the sender (using the 123FormBuilder Notifications system).
Image showing 123FormBuilder GDPR compliant form building platform

  • Make sure you are familiar with the “right to be forgotten” law. Users have the right to ask you to delete their personal information, and you should make it very clear to them how exactly they can do that. This information should be included in the Privacy Policy statement (as described in the third bullet point below.
  • Use multiple-choice fields to ask for the explicit consent of the form submitter for you to use their data (which means, collecting the data, storing it, and processing it).
  • Explain why you are collecting personal information.
  • Add a link to your terms of service to list all your Privacy Policy points, as well as other legal details. Do not use the default choice option, as the checkbox needs to be ticked by the user (to show their explicit consent in you processing their data).
  • Enable the Reference ID feature on your forms to make sure you can efficiently track your users’ submissions.

For more information on how to ensure GDPR compliance on your 123FormBuilder forms, kindly check out our Knowledge Base piece on this or contact us at We’re here to help you stay on the legal side of GDPR.

Image showing a GDPR compliant form

Data Processing Amendment (DPA)

The Data Processing Addendum is a necessary step to ensuring GDPR compliance on your forms. Please download our DPAs (US Server / EU Server)  if your business is established in the European Union (EU) or subjected to GDPR

Review, countersign and return the DPA document to Starting with the day you sign and send us the DPA, it will become part of your 123FormBuilder subscription documents.

Data Processing Agreement

EU and US Data Centers

Our entire platform is GDPR-compliant. If you want to reinforce data protection for the forms you create on 123FormBuilder, however, do not hesitate to sign up on our EU platform.

Also, it is important to note that our servers are hosted on Amazon AWS and you can choose to locate your servers exclusively in the EU (or exclusively in the US) to ensure absolute GDPR compliance by not allowing your customers’ data to get outside of the EU.

EU and US Data Centers

GDPR Compliant Form Templates

In addition to putting in place systems and procedures that ensure GDPR compliance, we also come forward with a series of templates that can be easily adapted to GDPR regulations.

Whether you are looking for a GDPR-compliant contact form or a GDPR compliant event registration form, our templates can be adapted to GDPR legislation as per the steps described earlier on this page (under GDPR compliant event registration form).

We have more than 2000 form templates you can use and adapt to GDPR, including:

…And more.

GDPR Friendly Forms Start Here
GDPR compliant form templates

Connect Your GDPR Forms with Your Favorite Apps

Integrate Salesforce seamlessly with GDPR compliant forms to ensure data privacy and legal compliance throughout your sales and marketing processes.

123FormBuilder offers more than 45 native integrations with popular tools used by marketers, project managers, developers, and Human Resource professionals. That means your data can automatically flow from 123FormBuilder forms directly into your favorite tools, including (but not limited to):

123FormBuilder third party integrations

Collect Data, Securely

We take data security very seriously. We’re not only GDPR compliant on all grounds, but we are also:

We periodically perform internal security audits and double-lock our data and our customers’ data by taking all cautionary measures to ensure leaks, breaches, and system failures are averted. Because we genuinely care about data privacy and we have made it an integral part of our entire business model.

Image showing online form security measures like GDPR, Hipaa compliance, ISO 9001, ISO 27001 and Captcha verification.

Take Control with our GDPR-Ready Forms.
Seize the Future of Data Protection – Act Now!

GDPR Friendly Forms