As a form builder and management service, we recognize the importance of excellent security practices for such critical infrastructure. While we are a small team, we take security very seriously.
Our servers are hosted by Heroku. Heroku uses Amazon Web Services (AWS) for their infrastructure, meaning all of our servers and datastores are hosted on AWS infrastructure, managed by Heroku. We also utilize Cloudflare for content delivery and security.
At sign-up, each admin sets up a new profile with their email and password. Passwords are securely hashed using industry-standard bcrypt, and all secrets are securely encrypted in transit and at rest. We never store passwords or secrets as plain text.
All communication between the Formester service and our backend service is encrypted with TLS. We use Automated Certificate Management provided by Let's Encrypt and Cloudflare. User data is stored in Heroku PostgreSQL and details of their implementation can be found on the Security page at Heroku.
Credit card and bank information is encrypted, stored, and processed by Stripe with AES-256 encryption. Formester stores a transient token provided by Stripe to reference a customer's credit card through the Stripe API. Credit cards are not stored on Formester servers.
Heroku Postgres provides continuous protection by persisting snapshots, base backups, and WAL files to AWS S3. This secure storage allows for complete database recovery in case of hardware failures, data corruption, or significant service interruptions.
We're not in the business of making money off of data. However, we do collect information about who is interacting with the system and how, so we can monitor and improve the product and provide faster, more effective support when issues arise. These events include API requests, sign-ins, sign-outs, etc. More information on the type of data we collect can be found in our privacy policy.
Server and application logs are retained for a maximum of 30 days, after which they are permanently deleted. Retention of account analytics can span up to 90 days, but can be permanently deleted on request. On request for account deletion, we delete all the data for the user and it is irrecoverable.
Due to our small team size, we do not have the bandwidth to fill out security questionnaires for customers on our standard tiers. Please email us if you do not see one of your specific questions answered on this page and we can add it. For customers on an Enterprise tier, we do make an exception.
While we'd eventually love to achieve these certifications, we don't hold them at this time. Please email us if you'd like to discuss working with us to get these certifications.
Yes, our infrastructure and datastores are highly available (HA). For infrastructure, we have auto scaling and health checks in place. For datastores, we have primary standbys in place with automatic failover. Standbys are always hosted in a different availability zone (AZ).
Please email us at [email protected], which will notify, and we'll get back to you ASAP. If you have a discovery, please discreetly reach out to a member of the team via email for verification, vulnerability acceptance, and remediation timeline. We believe in — and participate in — responsible disclosure. At this time we do not have a bug-bounty program in place, but would like one in the future.
Please email us and we'll happily update this doc.