Check every item that is true. Leave it unchecked when you have not
verified it. Unknowns are risk until proven otherwise.
The form has a real backend endpoint.
Examples: Formspree, Web3Forms, Netlify Forms, custom API, or CRM webhook.
A real test returns a clean 2xx or documented redirect.
Browser success text alone is not enough when the network request fails.
The recipient inbox or CRM actually receives the test.
Form services can accept a POST while delivery still breaks downstream.
The success state is specific and visible.
Users should see confirmation, expected response time, and next step.
The error state is testable.
Failed network, invalid email, and required field errors should be understandable.
Required fields do not force fake data.
Phone, budget, company size, or strategy-session fields can block honest leads.
The reply path is obvious.
Email, name, message, and context reach a human who can answer.
Spam protection does not trap normal users.
Honeypot, CAPTCHA, and consent fields should be reachable and clear.
Mobile layout is submit-safe.
Labels, buttons, consent text, and success messages fit on a phone.
Analytics or logs can prove conversion health.
At minimum, record submitted, failed, and delivered states separately.