[{"data":1,"prerenderedAt":352},["ShallowReactive",2],{"kc-/knowledge/form-data-ownership":3,"kc-clusters-/knowledge/form-data-ownership":139,"kc-related-/knowledge/form-data-ownership":351},{"id":4,"title":5,"author":6,"body":7,"date":103,"description":104,"draft":105,"extension":106,"faqs":107,"image":117,"isPillar":118,"meta":119,"navigation":118,"path":120,"pillar":121,"pillarName":121,"seo":122,"sources":123,"stem":132,"tags":133,"takeaways":137,"updated":103,"__hash__":138},"knowledge/knowledge/form-data-ownership.md","Form Data Ownership and Privacy: Who Controls Your Responses?","RoundPushPin Team",{"type":8,"value":9,"toc":95},"minimark",[10,14,20,25,41,45,66,70,76,80],[11,12,13],"p",{},"Form data ownership is the question of who actually controls the responses your form collects — you, or the platform you built it on. With most hosted form tools the answer is \"the vendor holds it and you access it\"; with a self-hosted, relational store the answer is \"you hold it.\" That distinction shapes your privacy posture, your portability, and your risk.",[15,16,17],"blockquote",{},[11,18,19],{},"This article is general information about data-protection concepts, not legal advice. For obligations specific to your situation, consult a qualified professional.",[21,22,24],"h2",{"id":23},"who-owns-the-data-collected-by-a-form","Who owns the data collected by a form?",[11,26,27,40],{},[28,29,30,31,35,36,39],"strong",{},"Legally, the organization collecting personal data is usually its ",[32,33,34],"em",{},"controller"," and carries the obligations; the form tool is typically a ",[32,37,38],{},"processor"," acting on your instructions."," Practically, \"ownership\" is about control: can you access, export, move, and delete the data freely, or is it locked inside a vendor's platform? Where the data physically lives, and who can reach it, determines how much control you really have.",[21,42,44],{"id":43},"what-privacy-principles-apply-to-form-data","What privacy principles apply to form data?",[11,46,47,48,51,52,55,56,59,60,65],{},"Under the EU/UK GDPR, personal data must be handled according to principles set out in Article 5 — including lawfulness, ",[28,49,50],{},"purpose limitation",", ",[28,53,54],{},"data minimisation"," (collect only what you need), accuracy, ",[28,57,58],{},"storage limitation"," (don't keep it longer than necessary), and integrity and confidentiality. The ICO publishes practical guidance on applying these. Notably, data minimisation is also good form design: asking fewer questions both respects the principle and ",[61,62,64],"a",{"href":63},"/knowledge/form-completion-rate","improves completion",".",[21,67,69],{"id":68},"how-does-where-the-data-lives-affect-privacy","How does where the data lives affect privacy?",[11,71,72,75],{},[28,73,74],{},"It affects who can access it and which transfer rules apply."," Hosted form tools store responses on their infrastructure, which may sit in other jurisdictions and brings cross-border transfer considerations. Keeping responses in a database you control — on infrastructure you choose — removes a third party from the data path and makes residency a decision you make, not one you inherit.",[21,77,79],{"id":78},"how-roundpushpin-approaches-ownership-and-privacy","How RoundPushPin approaches ownership and privacy",[11,81,82,90,91,65],{},[28,83,84,85,89],{},"RoundPushPin is ",[61,86,88],{"href":87},"/knowledge/self-hosted-forms","self-hosted",": responses live in a PostgreSQL database on your own infrastructure, not a vendor's."," That makes data minimisation, retention, export, and deletion things you control directly — the foundations of ",[61,92,94],{"href":93},"/knowledge/gdpr-compliant-forms","building GDPR-compliant forms",{"title":96,"searchDepth":97,"depth":97,"links":98},"",2,[99,100,101,102],{"id":23,"depth":97,"text":24},{"id":43,"depth":97,"text":44},{"id":68,"depth":97,"text":69},{"id":78,"depth":97,"text":79},"2026-03-02","When someone fills in your form, where does the data go — and who controls it? This guide covers form data ownership, the privacy principles that apply, and why self-hosting changes the answer.",false,"md",[108,111,114],{"q":109,"a":110},"Who owns the data collected by an online form?","Practically, whoever can access, export, move, and delete it. Legally, the organization collecting personal data is usually its controller and the form tool is a processor. Self-hosting keeps both control and custody with you.",{"q":112,"a":113},"Are self-hosted forms more private?","They can be, because self-hosting removes a third party from the data path and lets you choose where data is stored. Privacy still depends on how you configure access, retention, and security.",{"q":115,"a":116},"Where is my form data stored?","With most hosted form tools, on the vendor's cloud; with a self-hosted tool like RoundPushPin, in a database on infrastructure you control, so you decide the region and provider.","/images/knowledge/form-data-ownership.png",true,{},"/knowledge/form-data-ownership",null,{"title":5,"description":104},[124,128],{"title":125,"url":126,"publisher":127},"Regulation (EU) 2016/679 (General Data Protection Regulation)","https://eur-lex.europa.eu/eli/reg/2016/679/oj","EUR-Lex, European Union",{"title":129,"url":130,"publisher":131},"UK GDPR guidance and resources","https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/","Information Commissioner's Office (ICO)","knowledge/form-data-ownership",[134,135,136],"privacy","data ownership","guide",[],"pJw9Yv8CYwpqHvDjFahdbN9F0KJpFiu-h0o0tNL6JKQ",[140,259],{"id":141,"title":142,"author":6,"body":143,"date":230,"description":231,"draft":105,"extension":106,"faqs":232,"image":242,"isPillar":105,"meta":243,"navigation":118,"path":93,"pillar":244,"pillarName":245,"seo":246,"sources":247,"stem":253,"tags":254,"takeaways":257,"updated":230,"__hash__":258},"knowledge/knowledge/gdpr-compliant-forms.md","How to Build GDPR-Compliant Forms",{"type":8,"value":144,"toc":224},[145,148,153,157,180,184,196,200,206,210],[11,146,147],{},"A GDPR-compliant form collects personal data lawfully, takes only what it needs, tells people what you'll do with it, and lets you honor their rights over that data. The form tool can't make you compliant on its own, but its design and where it stores data make compliance much easier or much harder.",[15,149,150],{},[11,151,152],{},"This is general information about GDPR concepts, not legal advice. Confirm your specific obligations with a qualified professional.",[21,154,156],{"id":155},"what-does-gdpr-require-of-a-form","What does GDPR require of a form?",[11,158,159,160,163,164,167,168,171,172,175,176,179],{},"At a high level, the GDPR's Article 5 principles mean a compliant form should: have a ",[28,161,162],{},"lawful basis"," for collecting the data (consent, contract, legitimate interests, etc., per ICO guidance), collect ",[28,165,166],{},"only what's necessary"," (data minimisation), be ",[28,169,170],{},"transparent"," about purpose, keep data only ",[28,173,174],{},"as long as needed"," (storage limitation), and keep it ",[28,177,178],{},"secure",". People also have rights — access, rectification, erasure — that you must be able to act on.",[21,181,183],{"id":182},"how-do-you-design-a-form-for-data-minimisation","How do you design a form for data minimisation?",[11,185,186,187,191,192,195],{},"Ask less. Every field should map to a real, stated purpose; if you can't name why you need it, drop it or defer it. Practically that means cutting optional fields, avoiding \"nice to have\" questions, and using ",[61,188,190],{"href":189},"/knowledge/conditional-logic-in-forms","conditional logic"," so people only answer what applies. Minimisation is both a legal principle and a ",[61,193,194],{"href":63},"completion-rate"," win.",[21,197,199],{"id":198},"how-do-consent-and-retention-work-on-a-form","How do consent and retention work on a form?",[11,201,202,205],{},[28,203,204],{},"Consent must be specific, informed, and freely given — a pre-ticked box doesn't count."," In practice, that's a clear, unbundled opt-in next to a plain-language purpose, plus a link to your privacy notice. Retention means deciding up front how long you keep each response and being able to delete it on request — which is far easier when the data sits in a database you can query and delete from directly.",[21,207,209],{"id":208},"how-roundpushpin-helps-with-gdpr-compliant-forms","How RoundPushPin helps with GDPR-compliant forms",[11,211,212,218,219,223],{},[28,213,214,215,217],{},"Because RoundPushPin is ",[61,216,88],{"href":87}," with responses in your own PostgreSQL database, you control the data path, residency, retention, and deletion directly — no third-party submissions store to reason about."," Combined with data-minimising ",[61,220,222],{"href":221},"/knowledge/conversational-form-design","conversational design",", it gives you the technical foundation to build compliant forms; the policies and lawful basis remain yours to define.",{"title":96,"searchDepth":97,"depth":97,"links":225},[226,227,228,229],{"id":155,"depth":97,"text":156},{"id":182,"depth":97,"text":183},{"id":198,"depth":97,"text":199},{"id":208,"depth":97,"text":209},"2026-03-04","Building GDPR-compliant forms means collecting only what you need, on a lawful basis, with clear consent and control over retention. This guide covers the principles that apply and how a self-hosted, relational form helps you meet them.",[233,236,239],{"q":234,"a":235},"How do I make a form GDPR-compliant?","Collect data on a lawful basis, take only what you need, be transparent about purpose, keep it only as long as necessary, secure it, and be able to honor access and deletion rights. The tool helps, but the policies are yours. This is general information, not legal advice.",{"q":237,"a":238},"Do I need consent for a form?","Only if consent is your lawful basis — there are others, such as contract or legitimate interests. When you do rely on consent it must be specific, informed, and freely given, with no pre-ticked boxes. Confirm your basis with a professional.",{"q":240,"a":241},"How does self-hosting help with GDPR?","Self-hosting puts the data path, residency, retention, and deletion under your control, with no third-party submissions store to account for. It's a strong technical foundation, though compliance still depends on your policies.","/images/knowledge/gdpr-compliant-forms.png",{},"form-data-ownership","Privacy & data ownership",{"title":142,"description":231},[248,250],{"title":249,"url":126,"publisher":127},"Regulation (EU) 2016/679 (GDPR) — Article 5, principles relating to processing",{"title":251,"url":252,"publisher":131},"Lawful basis for processing","https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/lawful-basis/","knowledge/gdpr-compliant-forms",[255,134,256],"gdpr","compliance",[],"DGrXe9Lk9CMOY7LwUCgCMT0x5pAMGjiqSDCTl-qWFUQ",{"id":260,"title":261,"author":6,"body":262,"date":324,"description":325,"draft":105,"extension":106,"faqs":326,"image":336,"isPillar":105,"meta":337,"navigation":118,"path":87,"pillar":244,"pillarName":245,"seo":338,"sources":339,"stem":346,"tags":347,"takeaways":349,"updated":324,"__hash__":350},"knowledge/knowledge/self-hosted-forms.md","Self-Hosted Forms: Own Your Form Data",{"type":8,"value":263,"toc":318},[264,267,271,277,281,291,295,301,305],[11,265,266],{},"A self-hosted form runs on infrastructure you control, with responses stored in your own database rather than a vendor's cloud. It is the most direct form of data ownership: no third party sits between you and your respondents' answers.",[21,268,270],{"id":269},"what-does-self-hosted-actually-mean","What does \"self-hosted\" actually mean?",[11,272,273,276],{},[28,274,275],{},"It means you run the form application and its database on servers you choose — your own cloud account, a private server, or on-prem — instead of submitting data to a SaaS vendor's platform."," The form still works the same for respondents; the difference is custody. With a hosted tool the vendor holds the data and you access it through their product; self-hosted, you hold it.",[21,278,280],{"id":279},"why-does-self-hosting-matter-for-privacy","Why does self-hosting matter for privacy?",[11,282,283,286,287,290],{},[28,284,285],{},"Because it removes a party from the data path and puts residency in your hands."," Where data is stored and transferred is a real concern under regimes like the GDPR, whose Chapter V governs transfers of personal data across borders. When you self-host, you decide which region and provider hold the data, rather than inheriting a vendor's choices — which simplifies ",[61,288,289],{"href":120},"data ownership and privacy"," generally.",[21,292,294],{"id":293},"what-are-the-trade-offs","What are the trade-offs?",[11,296,297,300],{},[28,298,299],{},"Self-hosting trades convenience for control."," You run the infrastructure — updates, backups, uptime — which a fully-managed SaaS handles for you. The upside is ownership: direct database access, your own residency and retention rules, and no vendor lock-in. Good tooling narrows the gap; a one-command Docker setup and a typed schema (via tools like Drizzle) make running your own stack far less work than it used to be.",[21,302,304],{"id":303},"how-roundpushpin-does-self-hosting","How RoundPushPin does self-hosting",[11,306,307,314,315,65],{},[28,308,309,310,65],{},"RoundPushPin is self-hosted: a Docker Compose file brings up the app with PostgreSQL in one command, so every response lands in a relational database you own and can ",[61,311,313],{"href":312},"/knowledge/query-form-data-with-sql","query with SQL"," You get the conversational experience of a hosted tool with the ownership of running your own — the foundation for ",[61,316,317],{"href":93},"GDPR-compliant forms",{"title":96,"searchDepth":97,"depth":97,"links":319},[320,321,322,323],{"id":269,"depth":97,"text":270},{"id":279,"depth":97,"text":280},{"id":293,"depth":97,"text":294},{"id":303,"depth":97,"text":304},"2026-03-06","Self-hosted forms run on your own infrastructure, so responses live in a database you control rather than a vendor's cloud. This guide explains what self-hosting means, the trade-offs, and why it matters for data ownership.",[327,330,333],{"q":328,"a":329},"What does a self-hosted form mean?","It means the form application and its database run on infrastructure you control, so responses are stored in your own database rather than a vendor's cloud. Respondents see the same form; you hold the data.",{"q":331,"a":332},"Are self-hosted forms worth the trade-off?","If data ownership, residency, or privacy matter, usually yes. You take on running the infrastructure, but you gain direct database access, your own retention rules, and no vendor lock-in. Good tooling narrows the operational gap.",{"q":334,"a":335},"How do I self-host RoundPushPin?","RoundPushPin ships with a Docker Compose setup that brings up the app and PostgreSQL in one command, so every response lands in a relational database you own and can query with SQL.","/images/knowledge/self-hosted-forms.png",{},{"title":261,"description":325},[340,342],{"title":341,"url":126,"publisher":127},"Regulation (EU) 2016/679 (GDPR) — Chapter V, transfers of personal data to third countries",{"title":343,"url":344,"publisher":345},"Drizzle ORM — Overview","https://orm.drizzle.team/docs/overview","Drizzle","knowledge/self-hosted-forms",[88,135,348],"data residency",[],"RzL7AxN_kbM3NSnZ9kp1aFZ7xi-3lBJgfjrKMeMLoUQ",[],1780692424558]