Important Notice
READ THE TERMS CAREFULLY BEFORE USING THE SERVICES. BY USING THE SERVICES, YOU INDICATE THAT YOU HAVE READ AND ACCEPTED THE TERMS. THE TERMS CONTAIN A DISPUTE RESOLUTION AND ARBITRATION PROVISION, INCLUDING A CLASS ACTION WAIVER THAT AFFECTS YOUR RIGHTS UNDER THE TERMS AND WITH RESPECT TO DISPUTES YOU MAY HAVE WITH FORMFY.
Welcome to Formfy Legal
This page contains all the legal documents, terms, and policies that govern your use of Formfy's services. We've organized everything to help you quickly find the information you need about your rights, our practices, and how we protect your data.
Last updated: December 26, 2025
Quick Navigation
Terms of Service
The agreement between you and Formfy governing your use of our platform.
Privacy Policy
How we collect, use, and protect your personal information.
Acceptable Use Policy
Guidelines for appropriate use of Formfy's services.
Data Processing
Information about how we handle and process data on your behalf.
Understanding Which Terms Apply to You
To understand which terms apply to you, first identify your relationship with Formfy:
Are you a Formfy “Customer”?
You are a “Customer” if:
- You are an individual with a registered Formfy account; or
- You are an organization that has purchased Formfy licenses for your team members to access and use Formfy with registered accounts.
“Customer” means a company or organization which has purchased licenses for use with email domains it owns, controls, or manages, or has authority to bind to the Customer Terms and Conditions and be responsible for individuals using such email domain(s) with the Services.
If you are a Formfy Customer: Your access and use of the Services are subject to the Customer Terms and Conditions unless you have a current and valid Master Service Agreement (MSA) with Formfy. You are also subject to the Data Processing Agreement, the Acceptable Use Policy, and Privacy Policy.
Are you a “Form Respondent” or “Signer”?
You are a “Respondent” or “Signer” if:
- You have received a form link, signing request, or scheduling link made available by a Customer via Formfy's services; or
- You have been invited to sign a document or fill out a form through Formfy; and
- You do not have your own registered Formfy account.
If you are a Respondent/Signer: You are subject to the Respondent Terms and Conditions. For the avoidance of doubt, if you have a Formfy account, your access and use of the Services are governed by the Customer Terms and Conditions.
Are you a “Visitor”?
You are a “Visitor” if:
- You do not have a registered Formfy account; and
- You are not accessing a form, signing request, or scheduling link made available by a Customer.
- You're just here browsing the Website.
If you are a Visitor: You are subject to our Acceptable Use Policy.
Acceptable Use Policy
Formfy's Acceptable Use Policy ensures our platform remains safe and reliable for all users. When using Formfy, you agree NOT to:
- Use the service for any unlawful purpose
- Send spam, phishing attempts, or malicious content through forms
- Collect sensitive information without proper consent and security measures
- Attempt to breach, disable, or circumvent any security features
- Impersonate others or misrepresent your affiliation
- Use automated systems to abuse the service
- Violate any applicable laws or regulations including GDPR, CCPA, HIPAA
- Upload malicious files, viruses, or harmful code
- Use Formfy to harass, abuse, or harm others
- Resell or redistribute Formfy services without authorization
Violation of this policy may result in immediate suspension or termination of your account.
Data Processing Agreement (DPA)
For customers who need a Data Processing Agreement for compliance purposes:
- Formfy acts as a Data Processor on behalf of our Customers (Data Controllers)
- We process form submissions, signatures, and scheduling data as instructed by Customers
- We implement appropriate technical and organizational security measures
- We assist with data subject access requests upon Customer instruction
- Sub-processors are listed and updated as needed
Enterprise customers can request a signed DPA by contacting legal@formfy.ai
GDPR Compliance
Formfy is committed to GDPR compliance for our EU users and customers:
Lawful Basis
We process data based on contractual necessity, legitimate interest, and consent.
Data Subject Rights
Users can access, rectify, delete, or export their data upon request.
Data Transfers
We use appropriate safeguards for international data transfers.
Data Retention
We retain data only as long as necessary for the purposes collected.
Breach Notification
We notify affected parties within 72 hours of discovering a breach as required by GDPR.
Security Practices
Formfy implements industry-standard security measures to protect your data:
Encryption in Transit
256-bit SSL/TLS encryption for all data in transit
Encryption at Rest
AES-256 encryption for data at rest
Compliance
SOC 2 Type II compliance standards
Security Testing
Regular security audits and penetration testing
Authentication
Multi-factor authentication available
Access Controls
Role-based access controls for teams
Backups
Automatic backups and disaster recovery
Monitoring
24/7 security monitoring and alerting
Contact Us
For legal questions, requests, or concerns:
Legal Inquiries
legal@formfy.ai
Response within 2-3 business days
Data Protection (DPO)
privacy@formfy.ai
For GDPR and data subject requests
Specific Request Types
Changes to Terms and Policies
These Terms or policies may change in whole or in part. If we make any material changes, we will use commercially reasonable efforts to provide you with advance notice prior to the change taking effect. You can review the most current version of the Terms at any time by visiting this page. Any material revisions to the Terms will become effective on the date set forth in our notice, and all other changes will become effective on the date we publish the change. If you access or use the Services after the effective date of any changes, that access or use will constitute your acceptance of the revised Terms.