Privacy & Compliance Tools

Data privacy is not just a legal requirement; it's a feature. Flux provides the technical infrastructure to build GDPR-compliant forms, but it is up to you to implement them correctly.

While Flux handles the secure collection and storage of data, the design of your consent flow determines your legal standing.

Related Reading:

Flux's Privacy Toolkit

Flux includes specific features designed to help you meet transparency requirements without needing custom code.

Every form comes with a dedicated "Footer" section. This is the ideal place for:

  • Privacy Notices: A brief statement explaining why you are collecting this data.
  • Policy Versioning: E.g., "Privacy Policy v2024.1". Storing the specific version number helps you prove which policy the user agreed to at the time of submission.

You can configure a direct link to your full Privacy Policy with a custom label. This ensures the policy is accessible directly from the point of collection, a requirement under GDPR and CCPA.

3. Automated Proof of Submission

For every submission, Flux automatically generates a Consent JSON. This record captures:

  • The exact timestamp (UTC).
  • The form content.
  • A hash of the user's email (for anonymity).
  • The specific "Opt-In" actions taken (e.g., which boxes were checked).

The "Safe" Global Strategy

You likely don't want to build five different forms for five different legal regions. The safest and most efficient approach is to design your form to meet the strictest standards (usually GDPR + PIPL). By doing so, you automatically satisfy looser regulations.

Recommended Design Rules:

  1. Always use Opt-In:
    Pre-ticked boxes are illegal under GDPR. Always default checkboxes to unchecked.
  2. Granular Consents:
    Do not bundle permissions. If you want to accept Terms of Service and send Marketing Emails, use two separate checkboxes.
  3. **Clear Action