Back to home
Security

Security at FormSnapp

Your forms and your respondents' answers are yours. This page explains, in plain language, the measures we take to keep them safe.

Last updated:

Overview

Security isn't a feature we bolt on — it's built into how FormSnapp is designed and operated. We encrypt data in transit and at rest, follow the principle of least privilege, and rely on well-established infrastructure providers rather than rolling our own. This page summarises the practical controls in place today.

It complements our Privacy Policy, which explains what data we collect and why.

Encryption

  • In transit: all traffic to and from FormSnapp is served over HTTPS using TLS 1.2 or higher.
  • At rest: data stored in our database and object storage is encrypted at rest by our storage providers.
  • Integration tokens: OAuth access and refresh tokens for connected services (Google Sheets, Slack, Notion) are additionally encrypted at rest with AES-256-GCM before they ever touch our database.

Authentication & access

  • Sign-in is handled by Google Firebase Authentication — we never store your password.
  • Sessions use a short-lived, signed cookie with the httpOnly, Secure, and SameSite=Lax flags, so it can't be read by scripts or sent from other sites.
  • Every request is authorised on the server: we verify both your session and that you own the workspace or resource you're acting on. We never trust the client.
  • Access to production systems is limited to authorised team members on a need-to-know basis.

Integration tokens

When you connect an integration, we request the narrowest access that makes the feature work — and store the resulting tokens encrypted.

  • Google Sheets: we request only the ability to create and write to spreadsheets FormSnapp creates for you (the drive.file scope). We cannot see or modify any other file in your Drive.
  • Slack: permission is limited to posting response notifications to the channels you choose. We cannot read your conversations.
  • Notion: access is limited to the pages and databases you explicitly share with the integration.
  • You can disconnect any integration at any time, which deletes its stored tokens. You can also revoke access from the provider directly.

Infrastructure & storage

We build on trusted, industry-standard providers rather than operating our own hardware. Our core sub-processors are:

  • Vercel — application hosting and content delivery
  • MongoDB Atlas — primary database (forms, responses, accounts)
  • Cloudflare R2 — file upload storage
  • Google Firebase — authentication
  • Upstash Redis — rate limiting and short-lived caches
  • Inngest — background job queue for notifications and integrations
  • Resend — transactional email
  • Dodo Payments — payment processing (we never see or store full card numbers)
  • PostHog — anonymised product analytics; Sentry — error monitoring

The full, current sub-processor list lives in our Privacy Policy.

Where your data is stored

Your account data, forms, and responses are stored in our primary database (MongoDB Atlas) in the United States. Files uploaded through your forms are stored with Cloudflare R2 in the European Union. In all locations, data is encrypted in transit and at rest.

Spam & abuse protection

  • Form submission endpoints are rate-limited to prevent flooding and abuse.
  • Bot protection (including CAPTCHA and honeypot techniques) helps keep your response data clean.
  • Acceptable-use rules prohibit phishing, malware, and unlawful data collection — see our Terms of Service.

Data retention & deletion

You stay in control of your data. You can delete individual responses, clear all responses for a form, or delete your account at any time from your dashboard.

  • Deleting a form permanently removes its responses within 30 days.
  • Closing your account removes your personal data within 60 days, except records we're legally required to keep (e.g. billing).
  • To make a formal data request, email security@formsnapp.com or support@formsnapp.com.

Monitoring & reliability

  • Errors and performance are continuously monitored with Sentry so we can catch and fix issues quickly.
  • Background delivery (integrations, webhooks, emails) runs on a queue that retries automatically, so a momentary outage doesn't silently drop your data.
  • We recommend exporting important response data periodically as a good general practice.

Responsible disclosure

No system is perfectly secure. If you believe you've found a security vulnerability, we want to hear from you. Please email security@formsnapp.com with the details and steps to reproduce. Please give us a reasonable opportunity to address the issue before any public disclosure — we're grateful for reports made in good faith.

Contact

Questions about our security practices? Get in touch:

  • Security: security@formsnapp.com
  • General support: support@formsnapp.com