Privacy Policy

Last Updated: January 30, 2026

FormBuddy ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application at formbuddy.app (the "Service").

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

1. Information We Collect

1.1 Personal Information You Provide

Account Information:

  • Email address (used for authentication via one-time password links)

  • Account creation date

  • Subscription status


Payment Information:

  • Billing information is processed and stored by our payment processor, Stripe

  • We do not store your full credit card information on our servers

  • We receive and store: customer ID, subscription ID, subscription status, and payment timestamps


User Content:

  • Feedback you provide about our form guides (ratings, comments)

  • Form requests (names of forms you'd like us to add)

1.2 Automatically Collected Information

Analytics Data (via Google Analytics):

  • Pages you visit and how you navigate our Service

  • Form completion rates and user flow patterns

  • Device information (browser type, operating system)

  • Approximate geographic location (country/region level)

  • IP address (anonymized)

  • Session duration and interaction patterns

  • Events such as button clicks, form submissions, and navigation actions


Technical Information:

  • Browser type and version

  • Device type

  • Operating system

  • Screen resolution

  • Preferred language settings

  • Timezone information (used for geo-targeting cookie consent)


Cookies and Similar Technologies:
We use cookies and similar tracking technologies to track activity on our Service. See our Cookie Policy section below for details.

2. How We Use Your Information

We use the information we collect to:

2.1 Provide and Improve Our Service

  • Authenticate your account and provide access to premium features

  • Process your subscription payments

  • Deliver form guides and content in your preferred language

  • Respond to your questions and requests

  • Improve our form guides based on user feedback and usage patterns

2.2 Analytics and Performance

  • Understand how users interact with our Service

  • Identify and fix technical issues

  • Analyze user behavior to improve features and content

  • Measure conversion rates and subscription funnel performance

  • Track form completion rates to improve guide quality

2.3 Communication

  • Send you login links via email (one-time passwords)

  • Send service-related announcements when necessary

  • Respond to feedback you submit

2.4 Legal and Security

  • Comply with legal obligations

  • Prevent fraud and abuse

  • Protect the rights and safety of our users

3. Third-Party Services

We use the following third-party service providers:

3.1 Supabase (Authentication & Database)

Purpose: User authentication and data storage

  • Data Shared: Email addresses, user IDs, subscription status, feedback, form requests

  • Privacy Policy: https://supabase.com/privacy

  • Location: United States

3.2 Stripe (Payment Processing)

Purpose: Process subscription payments

  • Data Shared: Email address, payment information you provide directly to Stripe

  • Privacy Policy: https://stripe.com/privacy

  • Location: United States

  • Note: Stripe is PCI-DSS compliant and handles all payment card information securely

3.3 Google Analytics (Analytics)

Purpose: Understand user behavior and improve our Service

  • Data Shared: Anonymized usage data, page views, events, device information

  • Privacy Policy: https://policies.google.com/privacy

  • Location: United States

  • Opt-out: Available via cookie consent banner (non-US users) or browser settings

3.4 Google Tag Manager (Tag Management)

Purpose: Manage analytics and tracking tags

4. Cookie Policy

4.1 What Are Cookies?

Cookies are small text files stored on your device that help us provide and improve our Service.

4.2 Types of Cookies We Use

Essential Cookies:

  • Authentication cookies (to keep you logged in)

  • Cookie consent preferences

  • Language preferences


Analytics Cookies:

  • Google Analytics cookies

  • Google Tag Manager cookies

  • Used to measure site usage and improve our Service

4.3 Cookie Consent

For Users in the United States:
By using our Service, you consent to the use of cookies for analytics and improving your experience.


For International Users:
When you first visit our Service, you will see a cookie consent banner. You can choose to:

  • Accept: Allow all cookies including analytics

  • Decline: Only essential cookies will be used


You can change your cookie preferences at any time by clearing your browser's local storage and revisiting the site.

4.4 Managing Cookies

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our Service.

5. Data Retention

We retain your information for as long as necessary to:

  • Provide our Service to you

  • Comply with legal obligations

  • Resolve disputes and enforce our agreements


Specific Retention Periods:

  • Account Data: Retained while your account is active and for 90 days after account deletion

  • Payment Records: Retained for 7 years for tax and accounting purposes

  • Analytics Data: Retained for 26 months (Google Analytics default)

  • Feedback & Form Requests: Retained indefinitely to improve our Service (anonymized after 2 years)

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit (HTTPS/TLS)

  • Secure authentication via one-time password links

  • Regular security updates and monitoring

  • Access controls and authentication for our systems

  • Use of secure, industry-standard third-party services


However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

7.1 Rights for All Users

Access: Request a copy of the personal information we hold about you

  • Correction: Request correction of inaccurate information

  • Deletion: Request deletion of your account and associated data

  • Opt-out: Decline analytics cookies (non-US users via banner; US users via browser settings)

7.2 Additional Rights (GDPR - EU Users)

Data Portability: Receive your data in a structured, machine-readable format

  • Restriction: Request restriction of processing in certain circumstances

  • Objection: Object to processing based on legitimate interests

  • Withdraw Consent: Withdraw consent for analytics cookies at any time

7.3 Additional Rights (CCPA - California Users)

Know: Know what personal information is collected and how it's used

  • Delete: Request deletion of personal information

  • Opt-Out: Opt out of the sale of personal information (Note: We do not sell your information)

  • Non-Discrimination: Not be discriminated against for exercising your rights

7.4 How to Exercise Your Rights

To exercise any of these rights, please contact us at:


For account deletion:

  1. Log into your account

  2. Cancel your subscription via "Manage Subscription"

  3. Contact us to request account deletion

8. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

9. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. These countries may have different data protection laws than your country.


By using our Service, you consent to the transfer of your information to the United States and other countries.


We ensure appropriate safeguards are in place when transferring data internationally, including:

  • Using service providers that comply with GDPR and other data protection regulations

  • Implementing standard contractual clauses where required

  • Ensuring our service providers maintain adequate security measures

10. Do Not Track Signals

Our Service does not currently respond to Do Not Track (DNT) browser signals. However, you can control analytics tracking through our cookie consent banner (non-US users) or browser settings.

11. Third-Party Links

Our Service may contain links to third-party websites (e.g., IRS.gov for form downloads). We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

  1. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Updating the "Last Updated" date at the top of this policy

  • Posting the new policy on this page

  • Sending an email notification (for significant changes)


Your continued use of the Service after changes constitute acceptance of the updated policy.

13. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA):


Categories of Personal Information We Collect:

  • Identifiers (email address)

  • Commercial information (subscription status, payment history)

  • Internet activity (browsing behavior, form usage)

  • Geolocation data (approximate, via timezone)


Business Purpose for Collection:

  • Providing our Service

  • Processing payments

  • Analytics and improvement

  • Security and fraud prevention


We Do Not Sell Your Personal Information


For more information or to exercise your California privacy rights, contact contact@formbuddy.app.

14. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):


Legal Basis for Processing:

  • Contract: Processing necessary to provide our Service (authentication, subscriptions)

  • Consent: Analytics cookies and tracking (you can withdraw consent anytime)

  • Legitimate Interests: Improving our Service, preventing fraud, security


Data Controller:
FormBuddy is the data controller for your personal information.


Supervisory Authority:
You have the right to lodge a complaint with your local data protection authority.

15. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

  • Notify affected users within 72 hours of discovery

  • Describe the nature of the breach and affected data

  • Provide information on steps we're taking to address the breach

  • Advise you on steps you can take to protect yourself

  • Notify relevant authorities as required by law

16. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us:


FormBuddy Privacy Team


For general support inquiries, please use: contact@formbuddy.app