The General Data Protection Regulation (GDPR) is a new set of rules designed to give citizens in the European Union (EU) more control over their personal data. It also addresses the export of personal data outside the EU.
In preparation for the new regulations, Cognito Forms has officially joined the EU-US Privacy Shield and updated both our Terms of Service and Privacy Policy. Additionally, we are now offering Data Processing Agreements for organizations who use Cognito Forms to collect personal data about people in the EU.
While Cognito Forms is GDPR compliant, it’s ultimately your responsibility to ensure that your organization is fully compliant with all GDPR security and privacy measures. That being said, here are some tips on how to design GDPR compliant online forms:
1) Link to Your Privacy Policy
The GDPR (Article 12) not only requires that privacy information be provided “in a concise, transparent, intelligible and easily accessible form, using clear and plain language”, but also that the Policy itself must be easy to find. A best practice is to provide a direct link to your privacy policy from your form so people can review it before signing up or opting in or out.
You can insert links on your form using the Content field. Just insert a Content field into your form, select the URL icon from the formatting toolbar, and enter the URL. Additionally, we recommend that you include a link to our Privacy Policy within yours, so people know that you’ll be processing and storing their information using Cognito Forms.
2) Obtain Explicit Consent
When consent is the lawful basis you rely on, it must be given before any data collection takes place, through an active opt-in. An active opt-in lets a person give consent through a clear affirmative action, such as ticking a checkbox. Soft or silent opt-ins (a pre-ticked checkbox, or treating silence or inactivity as agreement) do not count as consent under the GDPR and should be avoided.
The GDPR requires explicit consent when collecting data in the special categories of personal data (Article 9), including racial or ethnic origin, political opinions, genetic data, and more.
You can easily obtain explicit consent on your form using a Yes/No field:
- Add a Yes/No field to your form.
- In the field settings, select the Checkbox type.
- Make sure to include a message written in clear, easily understandable language that says what the data will be used for (ex: “I agree to the terms and conditions and to my details being stored to process my registration”), leave the box unticked by default, and set the field as required.
Keep in mind that should you choose not to rely on consent, your organization must be able to point to one of the other lawful bases for processing under Article 6 of the GDPR (for example, performance of a contract, a legal obligation, or legitimate interests).
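The server-side rule behind the opt-in above, as an added example that is not Cognito Forms’ code: a browser omits an unticked checkbox from the submission entirely, so the handler must treat a missing or non-affirmative value as “no consent” rather than as a default, and should record what was agreed to and when so that consent can be demonstrated later (GDPR Article 7(1)). The field name `consent`, the policy version string, and the sample submissions are assumptions for the example.

```javascript
// Added example, not Cognito Forms code. Assumes the form posts a field named
// "consent" that the browser sends only when the checkbox is ticked.

const CONSENT_STATEMENT =
  "I agree to my details being stored to process my registration";
// Assumed identifier for the version of the privacy text shown with the box.
const PRIVACY_POLICY_VERSION = "2018-05-25";

// Values a ticked checkbox (or a Yes/No field) submits. Anything else,
// including an absent field, is not an affirmative opt-in.
const AFFIRMATIVE = new Set(["on", "true", "yes"]);

// Returns { ok: true, record } when consent was actively given, otherwise
// { ok: false, reason }. `now` is injectable so the timestamp is testable.
function validateConsent(fields, now = new Date()) {
  const raw = fields.consent;
  // Missing field: the box was never ticked. Silence is not consent.
  if (raw === undefined || raw === null) {
    return { ok: false, reason: "consent checkbox not ticked" };
  }
  if (!AFFIRMATIVE.has(String(raw).trim().toLowerCase())) {
    return { ok: false, reason: "consent value is not an affirmative opt-in" };
  }
  // Keep the exact statement, the policy version and the time, so the
  // organisation can later show what this person agreed to.
  return {
    ok: true,
    record: {
      statement: CONSENT_STATEMENT,
      policyVersion: PRIVACY_POLICY_VERSION,
      givenAt: now.toISOString(),
    },
  };
}

// The checkbox as it should be rendered: unticked by default (no `checked`
// attribute), required, and labelled with the statement that gets recorded.
function renderConsentCheckbox() {
  return (
    `<label><input type="checkbox" name="consent" value="on" required> ` +
    `${CONSENT_STATEMENT}</label>`
  );
}

// Constructed sample submissions (not real data).
const tickedSubmission = { name: "Ada", email: "ada@example.com", consent: "on" };
const untickedSubmission = { name: "Ada", email: "ada@example.com" };

module.exports = { validateConsent, renderConsentCheckbox, CONSENT_STATEMENT };
```

The important failure mode is the absent field: a handler that defaults a missing `consent` to `true`, or that accepts any non-empty string, turns an unticked box into a silent opt-in.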
3) Encrypt Your Form
Cognito Forms uses TLS (commonly still called SSL) and is always accessed over HTTPS, for all users, 100% of the time. That protects data in transit between the browser and our servers; it does not by itself protect the data once it is stored. If you plan on collecting any kind of sensitive information (Social Security numbers, driver’s license numbers, etc.), you must also enable data encryption on your form to encrypt that data at rest. With 256-bit AES encryption, someone who obtains the stored data without the key cannot read it.
After you encrypt your form, you have the option to protect an unlimited number of individual fields. Protecting a field keeps it from appearing in notification and confirmation emails, or otherwise being accidentally sent outside of your Cognito Forms account. For example, when you integrate encrypted entry data with another service, protected data is sent only to a JSON endpoint over a secure connection. You can protect every type of field, including file attachments and sections.
4) Collect a Minimal Amount of Data and Delete It When It Is No Longer Required
In general, it’s a good idea to keep your forms short, sweet, and to the point. Try to cut out any unnecessary questions and make your form as concise as possible. For data that you absolutely need to collect, you can set the form fields as required in the field settings box. Additionally, try to keep your form field labels (“Name”, “Address”, etc.) clear and easy to understand. If some of your fields require a bit more explanation, you can also use help text underneath for further clarification.
Once the collected information is no longer necessary for the purposes for which you processed it, delete the data without delay (unless the personal data is processed solely for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes).
5) Allow Customers To Have Their Information Erased or Corrected
You should strive to keep all the personal information you collect accurate and up to date; any inaccurate personal data should be corrected as quickly as possible. Additionally, individuals have a right to have their information erased when the data is no longer necessary for the purposes for which it was collected, or when they withdraw the consent on which the processing was based.
There are two easy ways to correct existing form data: you can update the information from the Entries page, or your customer can update their data themselves using an entry edit link. You can delete or erase existing form data on the Entries page as well.