mirror of
https://github.com/silverstripe/silverstripe-userforms.git
synced 2024-10-22 17:05:42 +02:00
Merge pull request #923 from open-sausages/pulls/docs-warning-submission-storage
DOCS Data protection and privacy note
This commit is contained in:
commit
d43279f44d
@ -3,14 +3,6 @@
|
||||
UserForms enables CMS users to create dynamic forms via a drag and drop interface
|
||||
and without getting involved in any PHP code.
|
||||
|
||||
## Maintainer Contact
|
||||
|
||||
* Will Rossiter (Nickname: wrossiter, willr) `<will (at) fullscreen (dot) io>`
|
||||
|
||||
## Requirements
|
||||
|
||||
See the "require" section of [composer.json](https://github.com/silverstripe/silverstripe-userforms/blob/master/composer.json)
|
||||
|
||||
## Features
|
||||
|
||||
* Construct a form using all major form fields (text, email, dropdown, radio, checkbox..)
|
||||
|
@ -7,7 +7,26 @@ summary: How to use the UserForms module to create forms via the CMS.
|
||||
|
||||
Make sure that your SilverStripe CMS installation has the [UserForms](https://addons.silverstripe.org/add-ons/silverstripe/userforms/) module installed.
|
||||
|
||||
## UserForm features
|
||||
## Data Protection and Privacy
|
||||
|
||||
**IMPORTANT: READ THIS BEFORE USING THE MODULE**
|
||||
|
||||
This feature allows authors with CMS permissions to create forms which process submission data,
|
||||
and store data the CMS database by default. Anyone with the ability to create forms
|
||||
also has access to view and export submissions. As the owner and operator of your website,
|
||||
you should ensure processes and safeguards are in place to perform these actions securely.
|
||||
|
||||
This is your responsibility, but here are a few tips to get you started:
|
||||
|
||||
* Ensure you have the necessary consents for processing and storing data according to your legislation (e.g. GDPR)
|
||||
* Only accept form submissions via encrypted transfers (HTTPS) - check our [Secure Coding](https://docs.silverstripe.org/en/4/developer_guides/security/secure_coding/) guidelines
|
||||
* Control access to form submissions (via CMS page access controls)
|
||||
* Create a process to limit the types of data you are allowed to collect via this feature (e.g. no payment information or health data)
|
||||
* Create a process for limiting submission storage duration (manual deletion)
|
||||
* Consider further safeguards such as at-rest encryption (check [encryption related addons](https://addons.silverstripe.org/add-ons?search=encrypt))
|
||||
|
||||
## Features
|
||||
|
||||
* [Create and edit forms](creating-and-editing-forms.md)
|
||||
* [Add different field types to a form](field-types.md)
|
||||
* [Set up multipage forms](multipage-forms.md)
|
||||
|
Loading…
Reference in New Issue
Block a user