When you use a contact form you are usually collecting personal data. You have to inform people how the data is saved and transmitted, how long you store it and if you transmit it to other recipients.
With Joomla there are some common used form components.
What you have to to consider when using forms on your website:
- Only collect necessary data. On a normal contact form you don't need birthdate or address.
- Use https on your website to secure the data that is being communicated through the form.
- Email notifications will probably be sent in plain text from your server to the visitor and/or administrator.
- The default contact form in Joomla sends the form input via an email notification the site admin and to the visitor. Even if your site is working with SSL (so under https:// ) the email will probably be sent in plain text.
- It does not store the form submission to its database