Your data is safe with us
SendForm.live is built with security and privacy at its core. Here's how we protect your forms and submissions.
Security features
HTTPS Everywhere
All data is encrypted in transit with TLS 1.3. We enforce HTTPS on all connections with HSTS headers.
Cloudflare Edge Network
Built on Cloudflare Workers, your data is processed at the edge closest to your users for speed and security.
Spam Protection
Built-in Cloudflare Turnstile CAPTCHA and honeypot fields block bots without annoying your users.
Encrypted Secrets
Webhook secrets are encrypted with AES-256-GCM before storage. Your API keys are never stored in plain text.
Rate Limiting
Automatic rate limiting prevents abuse and protects against denial-of-service attacks on your forms.
Secure Authentication
User authentication is handled by Clerk, an industry-leading auth provider with SOC 2 compliance.
Privacy by design
GDPR-Ready Privacy Notices
Add customizable privacy notices with consent checkboxes to any form. Include links to your privacy policy.
Automatic Data Retention
Submissions are automatically deleted after 30 days (Free) or 1 year (Pro). You control how long data is kept.
IP Address Hashing
We hash IP addresses for spam prevention. We don't store raw IP addresses in submission records.
No Third-Party Tracking
We don't sell your data or use third-party trackers on your forms. Your submissions stay private.
Infrastructure
Built on Cloudflare
- Global edge network with 300+ locations
- DDoS protection included
- Automatic SSL/TLS certificates
- Web Application Firewall (WAF)
Security headers
- Strict-Transport-Security (HSTS)
- Content-Security-Policy (CSP)
- X-Content-Type-Options: nosniff
- X-Frame-Options protection
Compliance
SendForm.live helps you stay compliant with privacy regulations.
Privacy notices & consent
Data deletion support
Via Clerk authentication
Ready to build secure forms?
Start collecting submissions with confidence. Your data is protected.