Skip to content
Independently verified · Quarterly re-audit
EU VETTED

Formbricks

VERIFIED
Forms & surveys · Germany
Founded 2022 · formbricks.com ↗

German open-source experience-management platform (Formbricks GmbH, Kiel) for link, website and in-product surveys; AGPLv3, self-hostable.

In short

Formbricks, in the Forms & surveys category, offers EU hosting with Germany as its hosting location, but a US parent or sub-processor leaves material CLOUD Act exposure.

Assessment notes

German GmbH (Kiel) shipping an AGPLv3 open-source survey/forms platform with a publicly-downloadable DPA (sub-processors in Annex IV) and SOC 2 Type II, but the managed Formbricks Cloud runs on AWS in Germany for database + email at rest, with Stripe/Google Cloud/Sentry/PostHog/Chatwoot alongside it and US VC (OSS Capital) on the cap table, EU-headquartered but US-VC-funded with material CLOUD Act exposure for the managed cloud; self-hosting the AGPLv3 build on EU infrastructure removes the AWS and US sub-processor exposure entirely.

CLOUD ACT
OWNERSHIP
SUB-PROCS
7 · 6 US
CLOUD Act by deployment

Exposure depends on how you run this product.

Hosted SaaS (default)

Vendor-operated: the sub-processors below apply.

Self-hosted (open-source)

Deploy on your own EU infrastructure and you control hosting and every sub-processor.

Verified signals
Jurisdiction
  • EU / adequacy hosting
  • EU / adequacy operator
  • No US CLOUD Act exposure
Transparency
  • Public DPA
  • Sub-processors disclosed
  • Open-source clients
  • Third-party certification
JUMP TO
OVERVIEW

About Formbricks

Formbricks is a German open-source experience-management platform operated by Formbricks GmbH (Kuhnkestr. 6, 24118 Kiel), founded in 2022 by Johannes Dancker and Matti Nannt. It positions itself as the open-source Qualtrics alternative and covers link surveys, website and in-product (in-app) surveys, and email-embedded feedback forms, with event-triggered targeting, user segmentation, conditional logic, multi-language surveys, file uploads, webhooks, and SDKs. The full core application is licensed under AGPLv3 on GitHub and is fully self-hostable.

For an EU-sovereignty audit the ownership tier is eu_hq_us_funded: Formbricks is a German GmbH but is backed by OSS Capital (a US open-source-focused VC), Flex Capital, and the GitHub Accelerator, with angels including Tom Preston-Werner (GitHub) and Peer Richelsen (Cal.com). The managed Formbricks Cloud (app.formbricks.com) is hosted in Germany on Amazon Web Services, which handles the database and email at rest. The DPA is publicly downloadable without signup and lists its Annex IV sub-processors: AWS (DE region), PostHog (DE region), Stripe (US), Sentry (DE region), Brevo (FR), Google Cloud (EU), and Chatwoot (US). The company holds SOC 2 Type II and states ISO 27001 is in progress. Per the directory's strict CLOUD Act stance (provider parent jurisdiction matters more than data-centre region), AWS at rest plus the US sub-processors plus US-VC ownership make this material CLOUD Act exposure for the managed cloud. Self-hosting the AGPLv3 build on EU-incorporated infrastructure (Hetzner, OVHcloud, Scaleway) removes the AWS and US sub-processor exposure entirely, making the customer the sole data controller.

Pricing: a free Hobby tier (250 responses/month, 1 workspace); Pro at US$89/month (~€82); Scale at US$390/month. Note "USA hosting" is an opt-in add-on, so the default cloud is Germany. Self-hosting is free under AGPLv3. Best fit: privacy-conscious product teams and EU developers replacing Qualtrics or Qualaroo for in-product surveys, or wanting a GDPR-compliant, self-hostable feedback layer. The self-host path is the procurement-grade option.

SUB-PROCESSORS

Sub-processor map · 7

Source ↗
  • AWS US
    United States

    Database and email delivery (data storage)

  • Chatwoot US
    United States

    Customer support

  • Google Cloud US
    United States

    Smart functionality (opt-in; does not touch respondent data)

  • PostHog US
    United States

    Product analytics (anonymized IP and device information; EU region)

  • Sentry US
    United States

    Error tracking and diagnostics

  • Stripe US
    United States

    Payment processing

  • Brevo EU
    France

    Marketing/communication and admin notifications

6 of 7 sub-processors are US-incorporated. CLOUD Act exposure applies.
CERTIFICATIONS

Frameworks & certifications

SOC 2
ACTIVE
Informational · US framework
FEATURES

Capability matrix

INTEGRATION & ACCESS
REST API Yes
SSO (SAML / OIDC) Yes
COMPLIANCE & GOVERNANCE
Audit log No
Self-host / on-prem option Yes
PRICING

Pricing & tiers

FREEMIUM
from €82/mo
View pricing page ↗
PUBLIC DOCUMENTS

Public documents

  • Data Processing Addendum (DPA)
    formbricks.com/dpa…
    Open ↗
  • Sub-processors list
    formbricks.com/dpa…
    Open ↗
  • Terms of Service
    formbricks.com/terms…
    Open ↗
ALTERNATIVES

Alternatives in this category

Findmind
Switzerland · Founded 2009
EU-BASED

Swiss research-focused online survey tool operated by Fabian Keller since 2009; used by University of Zurich researchers.

Public DPA Sub-processors Open source
FROM
CLOUD ACT
MINOR
Formdesk
Netherlands · Founded 2004
EU-SOVEREIGN

Dutch enterprise forms platform (Innovero Software Solutions B.V., Wassenaar, 20+ years), NL-only hosting.

Public DPA Sub-processors Open source
FROM
CLOUD ACT
NONE
Formspark
Switzerland · Founded 2018
EU-BASED

Developer form-backend (form-to-email API) flagged as Swiss; 20k+ customers, one-time-payment bundles, no UI.

Public DPA Sub-processors Open source
FROM
€23/mo
CLOUD ACT
MINOR