Step 1: Exploring the law and what it states
Simply stated GDPR tries to accomplish: You to "opt-in" to any data collection, being able to see and delete any personal data about you.
The GDPR simply states that you need to do three main things when it comes to data.
- Require users to 'opt in' for data collection
- Allow users to see data collection about them
- Allow users to delete that data
Step 2: What that means for forms
Online with forms we usually gather data. Mostly its simple information about our customers such as lead forms, but it can also be much more sensitive.
Step 3: How do we make forms compliant
Just in case you need a bit more information about GDPR I suggest you hire a lawyer or start exploring from EU's own website. It's a long read. I did most of it.
- Official website of the EU explaining GDPR