Get access to free tutorials, exclusive content and more.

How Ninja Forms Handle WordPress Submission Data

Are you looking for more information on how Ninja Forms manages WordPress submission data in compliance with GDPR requirements? You might have come across the idea of signing data privacy agreements with third-party service providers when handling user data.

Such an agreement is not required with Ninja Forms. We are not responsible for compliance with data protection laws because we don’t collect any user information or data. Let’s take a closer look at how this works below.

Where is the data submitted via Ninja Form stored?

Ninja Forms collects NO user information and no data from your submissions is stored on our servers. The submissions are stored in your WordPress database via admin-ajax.php through WordPress.

All data collected in your forms exist only on your local server in your WordPress database unless you have set it up to be sent elsewhere, such as through an email action or third-party integration (e.g. Salesforce, Mailchimp, Zapier, etc).

Submitted data by Ninja Forms is stored on your servers in WordPress, under Ninja Forms dashboard > Submissions, if the Record Submission action is enabled.

The form submission data is only accessible to individuals with Administrator role permissions on your website, or individuals with sFTP access to your server & database tables.

If you want to allow additional users to access and edit WordPress form submissions in the WordPress dashboard, you can use the User Management add-on that grants additional user Access features.

Is there a way that data submitted in a form is sent through an email and not stored on the server?

Yes, our form builder gives you the option to disable storing submissions on your server. Just toggle off the Record submission action under the Emails & Actions tab. Disabling this action means no data from your Ninja Form will be saved to the database.

However, you can send the form submission data to designated addresses via Email action, also located under the Emails & Actions tab.

You have the option to include the data in your email message in the form of merge tags. Another way is to attach a CSV file of the submitted form to the email.

email notifcation

Ninja Forms & HIPAA security compliance

Ninja Forms does not have any access to your site or the form data entered within your site. We NEVER collect or even have the capacity to see data entered into form fields or any other user data.

Ninja Forms does everything it can to make sure all form-submitted data is handled in a secure way as possible. It doesn’t matter what a form plugin does to make itself more secure, your form data is only as secure as your server.

Ninja Forms is HIPAA compliant as long as your general site practices are in compliance. Besides disabling the Record Submission action to stop saving data in your server, you can also configure your Record Submission Action to only save certain fields or have submissions expire (be deleted) after a certain amount of time.

HIPPA Compliance

If you find that your WordPress installation is not trashing submissions properly, navigate to Ninja Forms > Settings > Advanced Settings and use the Move to Trash button.
trash submissions

That’s it! Now you know how Ninja Forms handle WordPress submission data. Want to learn more about form submissions? We encourage you to read our guide that deep dives into WordPress form submissions.

Ninja Forms ensures GDPR Compliance

When it comes to GDPR compliance, Ninja Forms takes data privacy seriously. Whether you choose to disable data storage or utilize email actions or third-party integrations to collect your WordPress submission entries, Ninja Forms offers a reliable and privacy-conscious solution for handling WordPress form data.

With our robust security measures, you can use Ninja Forms with confidence, knowing that your data is handled responsibly.

Want to learn how Ninja Forms eases the path to GDPR compliance? Check our GDPR documentation page and gain valuable insights to make GDPR compliance a breeze for your site!