As part of our commitment to GDPR, Microsoft Forms has implemented an API, which allows organizations to include their privacy statement on the forms they share.
Tenant Admins can go to https://portal.azure.com to set a custom organizational Privacy Statement URL. The privacy statement on all forms created by users under this tenant will then direct to this URL when the form is shared with others.
As part of Office 365, Forms will continue to help business customers comply with GDPR, manage compliance, and avoid risk.