Sign inGet started

Security

Security and Data Protection

OK Forms is designed to protect form data in transit and during processing with practical controls for production workflows.

SOC 2 Type II

Compliant

GDPR

Compliant

HIPAA

Available

99.9% Uptime

SLA Backed

Transport and Delivery

  • HTTPS is required for browser and API traffic.
  • CloudPage webhook payloads can be signed and verified to prevent tampering.
  • Replay protection can be enabled to reduce duplicate processing risk.

Data Handling

  • Form owners control form structure, mappings, and destination configuration.
  • Draft capture can be enabled to preserve partial progress.
  • Operational cleanup jobs should be configured to avoid stale draft accumulation.

Operational Recommendations

  • Rotate secrets regularly and avoid committing credentials to source control.
  • Use least-privilege credentials for external services and integrations.
  • Log delivery errors and monitor failures to detect integration drift early.

Data Privacy

OK Forms does not sell or share respondent data with third parties. All data processing is governed by our Privacy Policy.

Security inquiries

For compliance questionnaires or security reviews

Contact Security