Back

Roadmap Post April 2018: Our GDPR Roadmap

Share

Join our newsletter!

Receive the latest data collection news in your inbox.

With GDPR on the horizon, we’re working on several product updates to benefit our customers that fall under the regulation. Though these are not necessary for GDPR compliance, we are actively working on these improvements to further simplify and streamline your experience.

New Content Type

FormAssembly Release 5.0.2: Professional & Premier 5/21/2018, Enterprise & Compliance Cloud 6/11/2018
Plans: All plans
With a new highlighted fieldset as an available type of content, you can style that section separately from other fieldsets so you can make it stand out visually.
Under the GDPR, the consent section of a form must be “clearly distinguishable from the other matters, in an intelligible and easily accessible form, using clear and plain language.” (Article 7(2)). With this addition we make it easier to create “consent sections” that meet the GDPR standard. It can also be used in other contexts to display, or request any information that must stand out from the rest of the form.

New Sensitive Data Types

FormAssembly Release 5.0.2: Professional & Premier 5/21/2018, Enterprise & Compliance Cloud 6/11/2018
Plans: All plans
Categorizing Sensitive Data enables further privacy-related features, like data masking, as well as helping with GDPR notification requirements when collecting data from third-parties. We are working on new sensitive data types, including:

  • PII
    • Mark as “Unspecified” (default)
    • Mark as “First Party” for data that belongs to the respondent
    • Mark as “Third Party” for data that does NOT belong to the respondent
  • Generic Sensitive Data: This can be anything considered sensitive that doesn’t fall under other categories. Example: Invoice numbers.

Customize the Text of the “Contact Information” Link

FormAssembly Release 5.0.2: Professional & Premier 5/21/2018, Enterprise & Compliance Cloud 6/11/2018
Plans: All plans
Providing identity and contact information to users is one of the requirements of the GDPR. Previously the link text for contact information was set to “Need assistance?” but we are working on the ability to customize that link text, show or hide the link, and change whether it points to your public Contact Information page or redirects to another website.

Show GDPR Rights Link

FormAssembly Release 5.0.2: Professional & Premier 5/21/2018, Enterprise & Compliance Cloud 6/11/2018
Plans: All plans
Individuals have certain rights under the GDPR, such as:

  • Right to Request Access, Rectification or Erasure of Data
  • Right to Withdraw Consent
  • Right to Lodge a Complaint to a Supervisory Authority

We are working on a feature that, if enabled would show a link next to the contact information link that would read “Your rights under the GDPR” (the link text and URL would be customizable). The link would take people to a page summarizing all the respondent’s GDPR rights.

Search Responses Across All Forms

FormAssembly Release 5.0.3: Professional & Premier 6/13/2018, Enterprise & Compliance Cloud 7/5/2018
Plans: All plans
The ability to search responses has been a much-requested feature even before the GDPR became a hot topic. We are looking at improvements that will allow FormAssembly users to search responses. This will facilitate the retrieval of personal data when processing GDPR requests from data subjects.

Enable IP Anonymization on a Form-by-Form Basis

FormAssembly Release 5.0.2: Professional & Premier 5/21/2018, Enterprise & Compliance Cloud 6/11/2018
Plans: All plans
IP addresses are part of response metadata collected by FormAssembly forms, and they are considered PII under the GDPR. For further respondent privacy, we are working on an update that will allow users to enable IP anonymization on individual forms.

Account

FormAssembly Release 5.0.1: Professional & Premier 5/2/2018, Enterprise & Compliance Cloud 5/7/2018
In FormAssembly accounts we will add a checkbox for customers to note whether or not GDPR applies to their use of FormAssembly. This will allow us to reach out to customers to ensure they have signed the required Data Processing Addendum.

Session timeouts

FormAssembly Release 5.0.2: Professional & Premier 5/21/2018, Enterprise & Compliance Cloud 6/11/2018
Plans: Enterprise Cloud and Compliance Cloud
Enterprise Cloud and Compliance Cloud administrators will be able to set a session timeout that will automatically log out users after 30 minutes of inactivity. Compliance Cloud administrators can customize the timeout length.

Customize Session timeouts

Unreleased
Plans: Compliance Cloud
Compliance Cloud administrators will be able to customize a session timeout that will automatically log out users after a specified period of inactivity.

Salesforce Connectors

FormAssembly Release 5.0.2: Professional & Premier 5/21/2018, Enterprise & Compliance Cloud 6/11/2018
Plans: All plans
We plan to update the Salesforce API to version 42, which will add “Individual” as a standard object. According to Salesforce: “The standard object, Individual, includes fields for storing data privacy preferences in data privacy records.”


Learn more about the GDPR in our dedicated FAQ page.

Don’t just collect data
— leverage it