1. Introduction
Welcome to zForms ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our form analytics service.
2. Information We Collect
2.1 Account Information
- Email address
- Full name
- Password (encrypted)
- Payment information (processed securely through Razorpay)
2.2 Form Analytics Data
Privacy-First Approach: We DO NOT collect or store any form field values, user input data, passwords, or personally identifiable information from your forms.
We only collect:
- Form interaction metadata (focus, blur, submit events)
- Time spent on fields
- Session IDs (anonymized)
- Form structure and field labels
- Browser user agent
- Anonymized IP addresses
2.3 Usage Information
- Project and form configuration
- Dashboard interactions
- API usage statistics
3. How We Use Your Information
- To provide and maintain our analytics service
- To process payments and manage subscriptions
- To generate AI-powered insights about form performance
- To send service-related emails and notifications
- To improve and optimize our service
- To detect and prevent fraud
- To comply with legal obligations
4. Data Sharing and Disclosure
We DO NOT sell your personal information. We may share information with:
- Payment Processors: Razorpay (for payment processing)
- Service Providers: Supabase (database), Vercel (hosting), Google (AI insights)
- Legal Requirements: When required by law or to protect our rights
- Business Transfers: In connection with a merger or acquisition
5. Data Security
We implement industry-standard security measures:
- End-to-end encryption for data transmission (HTTPS/TLS)
- Encrypted password storage using bcrypt
- Row-level security on database
- Regular security audits
- Limited employee access to data
6. Data Retention
We retain your data based on your subscription plan:
- Free Plan: 7 days
- Starter Plan: 30 days
- Pro Plan: 90 days
- Business Plan: 1 year
- Enterprise Plan: 2 years
Account information is retained until you delete your account. After deletion, we may retain certain data for legal compliance (up to 7 years).
7. Your Rights (GDPR/CCPA)
You have the right to:
- Access: Request a copy of your data
- Rectification: Correct inaccurate data
- Erasure: Request deletion of your data ("right to be forgotten")
- Portability: Receive your data in a portable format
- Restriction: Restrict processing of your data
- Objection: Object to processing of your data
- Withdrawal: Withdraw consent at any time
To exercise these rights, contact us at: privacy@zforms.xyz
8. Cookies and Tracking
We use essential cookies for:
- Authentication and session management
- Security features
- Remembering your preferences
We DO NOT use third-party advertising cookies or tracking pixels.
9. International Data Transfers
Your data may be transferred to and stored in servers located outside your country. We ensure adequate protection through:
- Standard Contractual Clauses (SCCs)
- Data Processing Agreements with service providers
- Compliance with GDPR and other privacy regulations
10. Children's Privacy
Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by:
- Posting the new policy on this page
- Updating the "Last updated" date
- Sending an email notification (for material changes)
12. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us:
13. Data Protection Officer
For GDPR-related inquiries, you may contact our Data Protection Officer at: dpo@zforms.xyz