Privacy Policy
Last updated: 16 March 2026
formwhale ("we", "us", or "our") is operated by jcraft Studio. This Privacy Policy explains how we collect, use, and protect information about you when you use formwhale.com and the formwhale application at app.formwhale.com (collectively, the "Service").
If you have questions, contact us at [email protected].
1. Data We Collect
Account & Organisation Data
- Name and email address (when you create an account)
- Organisation name and settings
- Billing information (handled by Stripe — we never see raw card numbers)
- Usage metadata (form count, submission count, plan tier)
Form & Submission Data
- Forms you create: field definitions, logic, branding settings
- Responses submitted to your forms: all field values, file uploads, signatures
- Respondent-provided data (whatever your form collects — you decide what fields to include)
Technical Data
- Server-side access logs (IP address, request path, timestamp, HTTP status code) — retained for 30 days
- Error logs — no form submission content is included
- No cookies are set for analytics. We use server-side aggregation only. No third-party trackers.
AI Features (BYOK — Bring Your Own Key)
If you use AI-powered features (e.g. AI Form Improvements, AI Translation), you supply your own API key from your AI provider (e.g. Google Gemini). Your prompts and API usage go directly between your browser and the AI provider. We never receive or store your AI API key in plaintext, and we never see your AI usage data. Your key is encrypted at rest in our database.
2. How We Use Your Data
- To provide and operate the Service
- To send transactional emails (account verification, form submission notifications, billing receipts) via Resend
- To process payments via Stripe
- To diagnose errors and improve reliability
- To comply with legal obligations
We do not sell your data. We do not use your data for advertising. We do not share your data with third parties except as described in Section 4 (Subprocessors).
3. Data Residency
All formwhale application data — including your account, forms, submissions, and file uploads — is stored on a single server located in Taipei, Taiwan, operated by LayerStack. Backups are stored on the same server with a 14-day retention period.
File uploads may also be stored in Cloudflare R2 (global edge CDN). DNS, CDN, and SSL termination are handled by Cloudflare, which means network traffic transits Cloudflare's global edge network before reaching our server.
If you require data residency in a specific region (e.g. EU, US), please contact us at [email protected] before signing up. We will follow up on a case-by-case basis.
4. Subprocessors
We use the following third-party services to operate formwhale. Each has been selected to minimise data exposure.
| Subprocessor | Purpose | Data Processed | Location |
|---|---|---|---|
| LayerStack | VPS hosting | All application data | Taipei, Taiwan |
| Cloudflare | DNS, CDN, WAF, SSL, R2 file storage | Network traffic metadata, file uploads | Global edge network |
| Stripe | Payment processing | Billing info, email, org name | United States |
| Resend | Transactional email | Email addresses, notification content | United States |
| Google (Gemini API) | AI features (BYOK only) | User-provided prompts only — via your own API key | United States |
| GitHub | Source code hosting, CI/CD | No customer data | United States |
A full, up-to-date subprocessor list is also available at /subprocessors.
5. AI and Automation Transparency
formwhale is a human-governed, AI-powered company. Day-to-day engineering and internal operations are performed by AI agents under human governance and approval workflows. However:
- AI agents do not have access to your form data or submissions. Our architecture enforces this by design — production database credentials are not accessible to the AI agent team.
- All strategic decisions, customer relationships, and policy direction are led by our human board and leadership team.
- A human is always accountable. Our governance framework requires human approval for any decision affecting customer data, security, or billing.
6. Data Security
- All data is encrypted in transit using TLS.
- Database access is restricted to the production VPS. No AI agent or automated system has direct database access.
- AI API keys you provide (BYOK) are encrypted at rest in our database.
- Application queries are scoped to your organisation — no admin role can view another organisation's data.
- No submission data appears in application logs.
7. Data Retention
- Account data: Retained while your account is active. Deleted within 30 days of account closure upon request.
- Form and submission data: Retained while your account is active. You can delete individual submissions or entire forms at any time.
- File uploads: Retained until you delete the submission or form, or close your account.
- Server logs: Retained for 30 days, then automatically purged.
- Backups: 14-day retention on the production server.
8. Your Rights (GDPR & CCPA)
Depending on your location, you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your data ("right to be forgotten")
- Export your data in a portable format
- Object to certain processing
- Withdraw consent at any time (where processing is based on consent)
To exercise any of these rights, email [email protected]. We will respond within 30 days.
California residents (CCPA): We do not sell personal information. You may request disclosure of what personal information we have collected about you by contacting us at the email above.
9. Cookies
We do not use advertising or analytics cookies. We use a session cookie strictly necessary for authentication when you are logged in to the application. No third-party tracking pixels or cookies are used.
10. Children's Privacy
The Service is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or via a notice in the application. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the Service after changes constitutes acceptance of the revised policy.
12. Contact
For privacy questions, data requests, or to report a concern:
- Email: [email protected]
- Address: jcraft Studio, 21/F, CMA Building, Connaught Road Central, Central, Hong Kong