Make sure the forms you create with Formidable Forms follow the General Data Protection Regulation (GDPR) set by the European Union. It is important to prioritize the protection of personal information and privacy. Including GDPR elements in your forms helps you properly manage user consent and strengthen your data security practices.
Overview of GDPR
The General Data Protection Regulation (GDPR) was created by the European Union (EU) with the intention of protecting individuals' personal information. It went into effect on May 25, 2018 and imposes strict rules on how personal data should be handled, stored, and gathered.
- Consent requirement: Organizations must obtain clear, explicit consent from people before gathering or using their personal data.
- Data access and deletion: Individuals have the right to seek access to their personal data and, under particular conditions, to have their data deleted.
- Applicability: GDPR applies to all businesses that collect personal information from EU individuals, regardless of where the organization is located.
- Compliance: Organizations have to guarantee compliance with GDPR rules in order to protect personal privacy rights and avoid penalties.
GDPR compliance settings
This guide outlines the steps to configure GDPR compliance settings in Formidable Forms. Implementing these settings will help ensure that your website's data collection practices align with GDPR regulations.
- Access Global settings. Navigate to the Formidable Forms settings by going to Formidable → Global Settings → General Settings.
- Enable GDPR features. Scroll down to the GDPR section and check the box for Enable GDPR related features and enhancements.
- Additional GDPR options. Once the GDPR feature is enabled, two additional options will appear:
- Disable user tracking cookies. Enabling this option will prevent user tracking and the limiting of form entries to one per user by cookie. It will also disable GDPR-related cookies and remove the Saved Cookie option from the entries limit setting.
- Disable storing IPs. Enabling this option will prevent the storage of user IP addresses with form submissions. It will also remove the IP Address option from the entries limit setting and hide the option for using custom headers when retrieving IPs.
- Use custom headers when retrieving IPs. Only turn this on if IP addresses are incorrect in entries. Some server setups may require spoofable headers to determine an accurate IP address.
Custom headers
Select the box for Use custom headers when retrieving IPs with form submissions if all of your entries appear to use the same IP address. This setting is disabled by default to protect against IP spoofing but is required when using a reverse proxy.
The Custom Headers option allows you to configure how IP addresses are handled for entries that may appear to come from the same source. It is useful when using a reverse proxy, where multiple requests may show the same IP address.
You can still enable this setting using the frm_use_custom_header_ip filter, even when it is hidden.
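An added example, not code from Formidable Forms or its documentation: one way to use the frm_use_custom_header_ip filter so that header-derived IPs are accepted only when the request actually arrives from your own reverse proxy, which keeps the spoofing protection for direct connections. It assumes the filter passes and expects a boolean; the function names are hypothetical and the proxy addresses are constructed placeholders from documentation ranges.

```php
<?php
// Added example for a site-specific plugin; not Formidable's own code.
// Constructed placeholder values: replace with your reverse proxy addresses.
const EXAMPLE_TRUSTED_PROXIES = array( '192.0.2.10', '198.51.100.0/24', '2001:db8::/32' );

// Return true when $ip falls inside $cidr (IPv4 or IPv6; a bare address means a full-length prefix).
function example_ip_in_cidr( $ip, $cidr ) {
	$parts   = explode( '/', $cidr, 2 );
	$ip_bin  = @inet_pton( $ip );
	$net_bin = @inet_pton( $parts[0] );
	// Reject unparsable input and IPv4/IPv6 family mismatches.
	if ( false === $ip_bin || false === $net_bin || strlen( $ip_bin ) !== strlen( $net_bin ) ) {
		return false;
	}
	// A malformed prefix must fail closed, never widen the match.
	if ( isset( $parts[1] ) && ! ctype_digit( $parts[1] ) ) {
		return false;
	}
	$max_bits = strlen( $net_bin ) * 8;
	$bits     = isset( $parts[1] ) ? (int) $parts[1] : $max_bits;
	if ( $bits > $max_bits ) {
		return false;
	}
	$full_bytes = intdiv( $bits, 8 );
	$rem        = $bits % 8;
	if ( substr( $ip_bin, 0, $full_bytes ) !== substr( $net_bin, 0, $full_bytes ) ) {
		return false;
	}
	if ( 0 === $rem ) {
		return true;
	}
	$mask = ( 0xFF << ( 8 - $rem ) ) & 0xFF;
	return ( ord( $ip_bin[ $full_bytes ] ) & $mask ) === ( ord( $net_bin[ $full_bytes ] ) & $mask );
}

// Assumption: the filter receives the current boolean setting and expects a boolean back.
function example_frm_headers_only_behind_proxy( $use_custom_headers ) {
	$peer = isset( $_SERVER['REMOTE_ADDR'] ) ? (string) $_SERVER['REMOTE_ADDR'] : '';
	foreach ( EXAMPLE_TRUSTED_PROXIES as $cidr ) {
		if ( example_ip_in_cidr( $peer, $cidr ) ) {
			return true; // The direct peer is our proxy, so its forwarded headers can be used.
		}
	}
	return false; // Direct connection: ignore client-supplied headers.
}

if ( function_exists( 'add_filter' ) ) {
	add_filter( 'frm_use_custom_header_ip', 'example_frm_headers_only_behind_proxy' );
}
```

The callback ignores the stored setting on purpose, so the decision depends only on who the direct peer is. The proxy itself must overwrite any forwarding headers sent by the client.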
Create a GDPR compliant form
Follow this guide to learn how to create a form that complies with GDPR regulations by obtaining explicit user consent before collecting personal data. By adding a GDPR consent checkbox, you ensure that users actively agree to share their information.
- Enable GDPR feature. Go to Formidable and navigate to Global Settings. Verify that the GDPR feature is activated in the general settings. You can then use the form builder to add a GDPR field.
- Create or edit a form. Open the form builder to create a new form or edit an existing one.
- Add GDPR field. In the form builder, locate and add the GDPR field to your form.
GDPR field features:
- Always required. The GDPR field must be filled out; it cannot be optional.
- No default check. The consent checkbox is unchecked by default, requiring users to actively check it.
- Single checkbox. You can only add one consent checkbox per form.
- Ensuring that your data collection practices comply with GDPR regulations.
- Informing respondents about how their data will be used and obtaining their explicit consent.
- Maintaining and managing user data in a secure and compliant manner.
- Respecting requests from users to access, modify, or delete their personal data.
Please consult with a legal professional to ensure your processes align with all applicable regulations. Use of this form builder does not constitute legal advice or guarantee compliance with GDPR.