Authorised checks, minimal access, reversible operation.
FormHeartbeat is designed as a narrow managed monitor. These are the boundaries applied before a real form is tested.
Written authorisation first
No external form is submitted or scheduled until the agency or authorised site operator approves the exact URL, test frequency, recognisable test data and destination-inbox verification method. FormHeartbeat does not bypass CAPTCHAs, access controls or anti-abuse protections.
Least access
A compatible pilot normally needs only the public form and a restricted way to verify the agreed test marker in the destination mailbox. Website administrator credentials are not required for the audit. Passwords and secrets must not be sent by ordinary email.
Synthetic data only
Checks use an agreed test identity and unique marker. They must not include real customer information, sensitive data, payment information or private-form content. The agency remains in control of which sites and fields are in scope.
Evidence and retention
Operational evidence can include timestamps, step results, a unique test marker and failure screenshots. Evidence is limited to troubleshooting and reporting, retained for the pilot and a short support period, and then deleted or anonymised unless another period is agreed.
Failure handling
Alerts are routed to the agency contact, not directly to the agency's client. Monitoring has an emergency stop, scheduled runs remain disabled until a manual healthy run and an approved failure test pass, and a success page is never treated as proof of payment or inbox delivery.
Report a security concern
Send security questions or responsible-disclosure reports to founder@formheartbeat.com. Please do not include live credentials or sensitive customer data.