Every website that collects user data through forms is required to notify them of the purposes and conditions of processing this data. The simplest and most familiar tool is to check the consent box with the privacy policy. Without it, it is not only difficult to comply with the requirements of the law, but also the trust of users decreases: few people will want to leave contact information if it is unclear what will happen to them next.
There are different ways to add such a checkmark. Let's look at the main options: from a simple manual solution to the built-in features of QForm.
Developers often add a checkbox directly to the HTML code of the form. Upon activation, the user confirms their agreement with the policy posted on the website. The method is working, but it requires the owner of the resource to monitor the texts, formulations and storage of confirmations himself. This increases the risk of legal errors and adds constant worries.
Many companies start this way. A checkbox is added to the site with text like:
"I agree to the privacy policy and the terms of personal data processing."
The form is not submitted until the check mark is set. Technically, this is implemented through the required attribute in HTML or a simple server-side check.
Advantages:
Disadvantages:
Thus, the manual method is good for starting or small projects, but as the business grows and the number of forms often raises the question of automation.
To simplify the task, QForm implements ready-made mechanisms for consent to the processing of personal data. The check mark is added to the form automatically, and the consent text takes into account the legal requirements. The user puts a mark and only after that the data is sent.
The main advantage of QForm is the availability of several types of consents that are suitable for different scenarios of working with personal data.
In this case, the site owner is the data operator, and QForm is the processor. This is the most flexible model: you can collect almost any data (except biometrics), add and edit the consent text, enable a separate check mark for mailing lists, or even work with special categories of personal data. The data is stored for three years. This option is chosen by companies that manage their own processing processes and are primarily responsible to users.
Here, QForm becomes the data operator, and the site owner gets access as a third party. This option is easier from the point of view of the legal burden, but imposes restrictions: you cannot collect passport, special and some other sensitive data. The shelf life is also three years. This option is usually chosen by those who have a basic level of data management without having to delve deeply into legal details.
A free option in which both QForm and the site owner are considered data operators. The data is stored for only one year, and the restrictions on its types are even stricter: personal, passport, special and commercial information cannot be collected. This option is suitable for projects where a minimum level of legal protection is required and there is no need to work with sensitive categories of information.
You can check the privacy policy manually, but it is more convenient and safer through QForm. Depending on the scale of the business and the types of data collected, you can choose the appropriate consent option and be sure that the form meets the requirements of the law and the expectations of users.