SQL table (example data for table FormData):
| UserID | CreateTime | Field1 | Field2 |
| 1 | 2014-07-31T07:45:12Z | Dude | Wassup |
| w | 2014-07-35T14:12:34Z | Guess what? | Chicken butt. |
Insertion into table (PHP/PDO, if I remember how it looks):
$db->execute("INSERT INTO FormData (UserID, CreateTime, Field1, Field2) VALUES(?, NOW(), ?, ?)", array($user->id, $field1, $field2));
Retrieval from table:
$data = $db->execute("SELECT Field1, Field2 FROM FormData WHERE UserID=?", array($user->id));
The $user variable should be the currently logged-in user. If a user is not logged in, do not allow them to submit data or retrieve data.
You can use an email address instead of an ID, something stored in a long-term cookie, or so on if you the data isn't privacy-sensitive and want to avoid an explicit login and signup procedure. You could also use Google/Facebook/Twitter authentication to avoid the signup phase.
Avoiding custom signup/login procedures is a very good thing; due both to trust issues and pure laziness, a majority of people will never sign up for a site they might otherwise be interested in. Using Google/Facebook/Twitter is a better bet since the number of people who have none of those is much smaller than the number of people who'll refuse to create a new account for whatever reason.