About Sensitive Data
If you are collecting sensitive data in your form, you can use FormAssembly's Sensitive Data Feature to indicate which specific fields contain that data. By doing this, you will ensure that no sensitive data is stored on our servers.
For example, if you are asking for a respondent's credit card number or CVV code, that is sensitive information which should not be stored. When you mark a field as being sensitive, you will be able to choose what type of data you are collecting.
For any fields marked sensitive, we do not store that data and we never store full credit card numbers, only the last four digits. Those “dots” or “X”’s as shown in the response is the actual data we have stored. We are allowed to collect this information because we (A) require you to use the Sensitive Data validation and (B) send that data off to a payment processor to handle the actual charge/payment in a secure manner which is PCI compliant.
Banking data, account numbers, passport numbers, and social security numbers are not required to be marked sensitive for PCI Compliance. This data will show in your responses.
Mark fields as sensitive
You can enable this feature in the Form Builder by selecting the field that will be used to collect sensitive data and then clicking on the options button.
On the left side of the screen, make sure the show advanced features box is checked and then choose the Sensitive Data option.
Any data that is marked as sensitive will be masked by default in your responses and in any connectors you might be using.
Additionally, you will see a banner labeled "sensitive" next to any field that you have selected will contain sensitive data:
Using the Save and Resume Feature
It is not advised that you use the Save and Resume Feature in tandem with the Sensitive Data Feature
If a user saves and resumes a form, the fields that have been marked as "sensitive data" will only show the masked information. The previous information that the user entered into the field will no longer be available.
All new FormAssembly forms go through a moderation process to ensure they are collecting appropriate information that will be used in an ethical and legal manner.
By marking fields like credit card information or banking information as "sensitive data" your form will help allow for a faster moderation experience, which will help get your form up and running as quickly as possible.