Last updated: February 15, 2026
Privacy Policy
This Privacy Policy describes how FormGen ("we", "us", or "our") collects, uses, and protects your information when you use our form building platform ("Service").
1. Information We Collect
Account Information
When you create an account, we collect your name, email address, and (if you use password authentication) a hashed version of your password. If you authenticate via Google or GitHub OAuth, we receive your name, email, and profile image from the provider. For email and password accounts, we generate a temporary email verification token that expires after 24 hours and is deleted after successful verification.
Form Data
We store the forms you create (including field definitions, conditional logic, themes, and settings) and the responses submitted to those forms. Form responses are stored as structured data (JSON) associated with your account.
File Uploads
When respondents upload files through form fields, the files are stored in Cloudflare R2 object storage. We collect the file content, file name, MIME type, and file size. Files are accessible only via pre-signed URLs that expire after 1 hour. File size limits depend on your plan tier (10MB for Starter, 50MB for Pro). Theme images (logo and background) are limited to 5MB.
Webhook Data
If you configure webhook integrations, we store the webhook endpoint URLs you provide and maintain delivery logs (including delivery status, timestamps, and retry attempts). Webhook payloads containing submission data are transmitted to your specified endpoints and are not retained by FormGen after successful delivery.
Team and Workspace Data
When you invite team members to your workspace, we collect and store the email addresses of invited users, invitation tokens (which expire after 7 days), and assigned roles (owner, admin, or member). Email addresses of workspace members are visible to other members of the same workspace.
Partial Submission Data
When the save-and-resume feature is enabled on a form (Pro plan), incomplete responses are stored as draft submissions. Drafts include the partial response data and an HMAC-signed resume token. Drafts automatically expire and are deleted after 7 days of inactivity.
Custom Domain Data
If you configure a custom domain for your forms (Pro plan), we store the domain name, DNS verification records (TXT records), and verification status. We do not access or store other DNS records associated with your domain.
Usage Data
We collect information about how you use the Service, including pages visited, features used, form creation and editing activity, and general interaction patterns. This data helps us improve the Service.
Technical Data
We automatically collect IP addresses, browser type, device information, and referring URLs when you access the Service. For form submissions, we collect the respondent's IP address for rate limiting and bot detection purposes.
2. How We Use Information
We use the collected information to:
- Provide, maintain, and improve the Service
- Process form submissions and deliver them to form owners
- Send email notifications about form submissions (when enabled by the form owner)
- Process payments and manage subscriptions
- Prevent abuse through rate limiting and bot detection
- Generate anonymized analytics and usage statistics
- Generate AI-powered analytics insights when requested by the form owner (Pro plan, opt-in). This involves sending form response data to OpenAI for processing.
- Deliver form submission data to webhook endpoints configured by the form owner
- Facilitate team collaboration by sharing workspace data among invited team members
- Store partial submissions and issue resume tokens for save-and-resume functionality
- Verify custom domain ownership via DNS record validation
- Communicate service updates and respond to support requests
3. Data Storage and Security
Your data is stored using industry-standard infrastructure and security practices:
- Database: Neon PostgreSQL with encrypted connections (TLS) and encrypted storage at rest
- File Storage: Cloudflare R2 with pre-signed URLs that expire after 1 hour
- Caching: Upstash Redis for rate limiting and temporary form caching (60-second TTL)
- Passwords: Hashed using bcrypt with a cost factor of 12 (never stored in plain text)
- Hosting: Vercel with automatic HTTPS and DDoS protection
We implement access controls, audit logging for destructive operations, and tenant isolation at the database level to prevent unauthorized access to your data.
4. Third-Party Services
We use the following third-party services to operate the platform. Each service processes data according to their own privacy policies:
- Stripe — Payment processing. Receives your payment information (card details are handled directly by Stripe and never touch our servers).
- Google OAuth / GitHub OAuth — Authentication. Receives authorization requests and provides your basic profile information.
- Resend — Email delivery. Receives recipient email addresses and notification content for submission alerts.
- Upstash — Rate limiting and caching. Temporarily stores rate limit counters and cached form data.
- OpenAI — AI form generation and AI analytics. When you use AI-powered form creation, your form description is sent to OpenAI for processing. Additionally, if you use the AI Analytics feature (Pro plan, opt-in), form response data (up to 100 responses per analysis) is sent to OpenAI (gpt-4o-mini) to generate summaries, identify themes, and produce per-field insights and recommendations. AI Analytics is entirely opt-in and is not activated unless you explicitly request an analysis.
- Vercel — Hosting and edge network. Processes all web requests to the Service.
- Google Analytics — Usage analytics. Collects anonymized data about page visits, session duration, and feature usage to help us improve the Service. No personally identifiable information is sent to Google Analytics.
- Google Ads — Advertising conversion tracking. Measures which ad clicks lead to sign-ups. Sets first-party cookies for conversion attribution.
5. Cookies and Tracking
We use essential cookies for authentication (session tokens) and preferences (theme selection). We use Google Analytics to understand how the Service is used and to improve the experience. We also use Google Ads cookies to measure the effectiveness of our advertising campaigns and attribute conversions. For a complete list of cookies we use, see our Cookie Policy. Our cookies include:
- Session cookie — Maintains your authenticated session (expires on browser close or after 30 days)
- CSRF token — Prevents cross-site request forgery attacks (session duration)
- Theme preference — Stores light/dark mode preference (persistent, via localStorage)
- Analytics cookies — Google Analytics cookies (
_ga,_ga_*) to help us understand usage patterns (up to 2 years) - Advertising cookies — Google Ads cookies (
_gcl_au,_gcl_aw) to measure ad campaign effectiveness and conversion attribution (up to 90 days) - Password protection cookie —
fp_{formId}cookie set when a respondent successfully verifies a password-protected form. HttpOnly, Secure, SameSite=lax, 24-hour expiry, scoped to the form's own URL path. The cookie is cryptographically bound to the current form password, so rotating the password invalidates every issued cookie immediately. This cookie avoids requiring re-verification on each page load.
6. Data Retention and Deletion
We retain your data for as long as your account is active. Form responses are retained until you delete them or delete the associated form.
When you delete your account, your data is retained for 30 days (to allow recovery if the deletion was accidental), after which it is permanently deleted from our systems and backups. You may request immediate deletion by contacting support.
The following data types have specific retention periods:
- Partial submissions (drafts): Automatically deleted after 7 days of inactivity
- Team invitation tokens: Expire and are invalidated after 7 days
- Webhook delivery logs: Retained for the lifetime of the associated form
- File uploads: Retained until the associated form response is deleted or the form is deleted
- Password protection cookies: Expire automatically after 24 hours
7. Your Rights
You have the right to:
- Access your data — view all forms and responses in your account
- Export your data — download form responses as CSV or JSON at any time
- Delete your data — delete individual responses, entire forms, or your full account
- Correct your data — update your account information through settings
- Object to processing — contact us to opt out of non-essential data processing
To exercise these rights, use the built-in account features or contact us at [email protected].
8. Form Respondent Privacy
When someone submits a response to a form you created, they are providing their data to you (the form owner). You are the data controller for form responses, and FormGen acts as a data processor on your behalf. The terms of this processing relationship are detailed in our Data Processing Agreement. You are responsible for:
- Informing respondents about what data you collect and how you use it
- Obtaining appropriate consent where required by law
- Handling data subject requests from your respondents
- Complying with applicable data protection laws in your jurisdiction
9. Children's Privacy
The Service is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us and we will promptly delete it.
10. International Data Transfers
Your data may be processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for international data transfers in compliance with applicable data protection laws.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice in the Service at least 14 days before taking effect. The "Last updated" date at the top reflects the most recent revision.
12. Contact
For privacy-related questions or requests, contact us at [email protected].