This is a secure service, compliant with GDPR, PCI-DSS, NIST and HIPAA

1 min read

The requirements for a secure service are many and are defined by a variety of laws and frameworks such as GDPR, PCI-DSS, HIPAA, NIST, etc.

ANON::form is a web forms service that fulfills all this and more.

Five important things that make ANON::form a safe, anonymous and very secure service you can trust. We comply with GDPR, Schrems II, PCI-DSS, HIPAA and NIST.

We use E2EE, ie all data is already encrypted in the browser and decrypted at the recipient, which we then transport in encrypted channels.

And we do not save anything about the transport in any logs or cache, our service is completely anonymized.

ANON::form is a completely unique service where none of the security is left to chance, we keep what we promise:

Meets safety requirements

ANON::form is a service that meets the requirements for security according to the respective standard for:
EU/GDPR + EU/Schrems II
and receives the rating A+ from Qualsys SSL Labs and ImmuniWeb.

ANON::form follows the Zero Trust framework for a secure infrastructure.

All certificates are encrypted with SHA256/RSA 2048 bits/TLS 1.2 + 1.3.

Meets the requirement for Zero Access Encryption

ANON::form does not store form data and meets the requirement for Zero Access Encryption, suppliers who receive form data from ANON::form comply with Zero Access Encryption in that all data stored is encrypted via endpoints (E2EE) with personal keys.

Meets the requirement for privacy

ANON::form fulfills the requirement for anonymity in that no traffic, error or other logs are activated (No-Log Policy), all form data is sent encrypted directly to receiving systems without intermediaries.

Nothing is saved in the computer or browser by the service, but the use of incognito windows, or even better Tor Browser, is recommended to prevent sensitive data from being saved by the browser’s own functions.

Protected against malicious code

ANON::form is protected against malicious code by cleaning up all form data before it is processed by the server system. We do not have any online editing of forms, everything is uploaded manually by us after virus and other security checks.

All services are run on own servers in secure server halls. The encryption software we use is open source (OpenPGP) which is constantly reviewed by a large community spread all over the world.

Spam protection

All forms have Captcha protection against robot-generated spam. The Captcha function is locally installed and does not download anything from external sources such as Google. The forms also support hCaptcha, which offers better spam protection but poorer anonymity through increased traceability.

Scroll to Top