Legal & Compliance
Terms of Service
Last updated: May 28, 2026. Plain English agreements. We agree to supply reliable form API endpoints; you agree not to build malicious, abusive, or credit card stealing forms.
1. Service Delivery
TL;DR: We run high-availability nodes, but you control your endpoints.
FastForm provides the API endpoints, submission database storage, spam filtering, and webhook routing mechanisms.
While we run high-availability, low-latency nodes on our serverless database cluster, you are solely responsible for writing and maintaining the custom client-side form codes (HTML, React, Webflow, Framer) that target our endpoint routes.
2. Prohibited Forms
TL;DR: No phishing, stealing credentials, or credit cards.
We maintain a zero-tolerance policy against malicious forms. You agree absolutely not to deploy endpoints that collect:
- Credentials: Stealing passwords, login tokens, or authentication keys.
- Financial Secrets: Collecting credit card numbers, CVVs, or bank logins in plain-text inputs.
- Phishing Content: Masquerading as brand banks, government agencies, or large corporations.
Any endpoint caught collecting credit cards or login passwords will be locked instantly without warning, and the IP block will be reported.
3. Limits & Capacity
TL;DR: Fair limits to keep servers healthy for everyone.
We enforce fair-use capacity limits to maintain server performance and database responsiveness for all users.
If your active forms exceed the allowed usage limit, we will notify you to clear old entries or adjust your usage accordingly.
4. Account & Data Termination
TL;DR: Wipe data anytime, export easily.
You can permanently delete your account and clear all forms and submissions at any time directly from the dashboard. We provide a full CSV download of your collected payloads.
Upon account deletion, all active form POST endpoints will be deactivated immediately and data will be permanently wiped.