Security at NueForm™

Your data security is foundational to everything we build. Here's how we protect it.

Encryption

All data is encrypted in transit using TLS 1.2+ and at rest using AES-256. Your form responses and personal data are protected at every layer.

Access Controls

Role-based access control with granular permissions for team members. Support for SSO via Auth0 with multi-factor authentication.

Infrastructure

Hosted on Vercel with automatic scaling, edge network distribution, and enterprise-grade reliability. Database hosted on secure, managed infrastructure.

Data Retention

You control your data. Delete forms, responses, or your entire account at any time. After account deletion, data is purged within 30 days.

Incident Response

We maintain an incident response plan and will notify affected users within 72 hours of discovering any data breach.

Privacy by Design

We never sell or mine your data. No advertising trackers, no third-party data sharing. Your data is used solely to provide the service.

Our commitment

Security isn't a feature we added on — it's embedded in how we design, build, and operate NueForm™. We follow industry best practices and continuously review our security posture.

We use secure authentication through Auth0, enforce HTTPS everywhere, implement rate limiting on all endpoints, and follow the principle of least privilege for all internal access.

If you discover a security vulnerability, please report it responsibly to security@nueform.io. We take all reports seriously and will respond promptly.

Questions about security?