Privacy & Security Features

Personal+

Protect your users' data with private emails, custom honeypot fields, and domain restrictions — all built in.

1. Private Email Addresses

Mask submitter email addresses in notification emails so internal staff can process submissions without seeing full personal data.

Before — Email Visible
Name: Rahul Sharma
Email: rahul.sharma@gmail.com
Phone: +91 98765 43210

After — Email Masked
Name: Rahul Sharma
Email: ra****@gmail.com
Phone: +91 98765 43210

Healthcare Clinic

A clinic's receptionist receives appointment request notifications. With private emails enabled, the receptionist can see there's a new request from "ra****@gmail.com" and process it — without ever seeing the patient's full email address. The doctor can still view the full data in the dashboard.

How to enable

1. Go to your form → Settings → Privacy & Security
Open the form you want to configure.

2. Toggle on "Private email addresses"
Email addresses will be masked in all notification emails.

3. Save Settings
The setting takes effect immediately for new submissions.

2. Custom Honeypot Fields

Name your own invisible trap field to catch spam bots — even the smart ones that know about common honeypot names.

[Diagram: Spam bot fills hidden field → Flowqen detects, strips field → Spam blocked]

Why use a custom name?

Smart bots know about common honeypot field names like _gotcha and skip them. By naming your trap field something plausible like company_fax, bots will fill it in — and get caught.

How to set up

1. Go to your form → Settings → Privacy & Security
Open the form you want to protect.

2. Enter a custom honeypot field name (e.g. "company_fax")
Choose a name that sounds like a real field to trick bots.

3. Add a hidden input with that name to your HTML form
Real users never see or fill this field. Bots do — and Flowqen rejects the submission.

4. Save Settings
Spam protection is now active.

Code example

your-form.html

<!-- Add this hidden field to your form -->
<input
  type="text"
  name="company_fax"
  style="display:none"
  tabindex="-1"
  autocomplete="off"
/>
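
What the honeypot check above and the email masking from section 1 amount to on the receiving side, as an added example that is not Flowqen's code. The function names, the "email" field name and the sample request bodies are assumptions made for illustration.

```javascript
// Added example, not Flowqen's implementation. "company_fax" is the honeypot name
// used on this page; the "email" field name and both helpers are assumptions.
const HONEYPOT_FIELD = "company_fax";

// Constructed sample request bodies (form-encoded): one human, one bot.
const HUMAN_BODY = "name=Rahul+Sharma&email=rahul.sharma%40gmail.com&company_fax=";
const BOT_BODY = "name=x&email=bot%40example.com&company_fax=555-0100";

// Keep at most the first two characters of the local part ("ra****@gmail.com"),
// and never the whole local part when it is only one or two characters long.
function maskEmail(address) {
  const at = address.lastIndexOf("@");
  if (at < 1) return "****"; // no local part or no "@": reveal nothing
  const local = address.slice(0, at);
  const visible = local.slice(0, Math.min(2, local.length - 1));
  return visible + "****" + address.slice(at);
}

function processSubmission(rawBody, honeypot = HONEYPOT_FIELD) {
  const params = new URLSearchParams(rawBody);
  // The trap field may be sent more than once; any non-blank value counts.
  if (params.getAll(honeypot).some((v) => v.trim() !== "")) {
    return { accepted: false, reason: "honeypot" };
  }
  const stored = Object.create(null); // no prototype, so "__proto__" is just a key
  for (const [key, value] of params) {
    if (key === honeypot) continue; // strip the empty trap field from what is kept
    stored[key] = value;
  }
  // The dashboard copy keeps the full address; the notification copy is masked.
  const notification = { ...stored };
  if (typeof stored.email === "string") {
    notification.email = maskEmail(stored.email);
  }
  return { accepted: true, stored, notification };
}

console.log(processSubmission(HUMAN_BODY).notification);
console.log(processSubmission(BOT_BODY));
```

A real user's browser still submits the hidden field, but empty, so the check has to test for a non-blank value rather than for the field's presence.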

3. Domain Restrictions (CORS)

Restrict which domains can submit to your form endpoint. This prevents unauthorized sites from posting data to your forms.

Domain restrictions are covered in detail in the CORS & AJAX documentation. Head there for full setup instructions, allowed-origin configuration, and AJAX code examples.

Privacy & Security settings panel in the form dashboard

Best practice: layer your defenses

Enable all three — private emails for data privacy, custom honeypot for spam protection, and CORS restrictions for endpoint security. Together they provide comprehensive protection for your forms.
