GDPR and Data Privacy

Data Ownership

All form submissions are stored exclusively in your WordPress database. Formcierge does not send submission data to any external server. Your data stays on your server, under your control.

Consent Field

Add a Consent field to any form to require explicit GDPR consent. The field renders as a checkbox with customisable label text and an optional link to your Privacy Policy. Submissions are blocked until the user checks this box.

Data Export

Formcierge integrates with WordPress’s built-in personal data exporter:

1. Go to Tools → Export Personal Data.
2. Enter the user’s email address.
3. Formcierge includes all entries submitted with that email in the export ZIP.

Data Erasure

The personal data eraser removes all entries linked to a specific email address:

1. Go to Tools → Erase Personal Data.
2. Enter the user’s email and confirm.
3. All matching Formcierge entries are permanently deleted.

Entry Retention Policies

Set automatic deletion of entries after a configurable number of days in Formcierge → Settings → Privacy. This runs as a daily WP-Cron job. Optionally restrict to specific forms.

IP Address Handling

By default, the submitter’s IP is stored with each entry. To disable this, use the formcierge_store_ip_address filter:

add_filter( 'formcierge_store_ip_address', '__return_false' );