I’ve gone to https://webflow.typeform.com/to/nM8vLH.
This is for a data processing agreement (DPA) which is one of the more important things you need to have for the GDPR.
Furthermore i’ve linked to https://webflow.com/legal/privacy which also has some insights into the privacy and data handling.
Still there is a possible issue about the location of the servers that hold the ‘user-data’.
As far as i know, it’s not 100% clear where the servers are, or more specific on which server your data is. Generally i’ve settled and communicated to my clients it’s still US regulations even if the servers ‘might’ be in the EU for example. With an extra link to the DPA i signed with Webflow did suffice for now.
Hope you can find some more info on the supplied links.
Also mention-able and in line with the GDPR:
- disable view of form submissions and user data for the site designer
- option to move site to separate account for a client only
- option for enabling IP anonymization for Google Analytics
- option for 2FA
- option for removal of database entries and personal data