diff --git a/.firebaserc b/.firebaserc
new file mode 100644
index 0000000..856f505
--- /dev/null
+++ b/.firebaserc
@@ -0,0 +1,5 @@
+{
+ "projects": {
+ "default": "quice"
+ }
+}
diff --git a/firebase.json b/firebase.json
new file mode 100644
index 0000000..34590bc
--- /dev/null
+++ b/firebase.json
@@ -0,0 +1,6 @@
+{
+ "firestore": {
+ "indexes": "firebase/firestore.indexes.json",
+ "rules": "firebase/firestore.rules"
+ }
+}
diff --git a/firebase/firestore.indexes.json b/firebase/firestore.indexes.json
new file mode 100644
index 0000000..c3543e2
--- /dev/null
+++ b/firebase/firestore.indexes.json
@@ -0,0 +1,19 @@
+{
+ "fieldOverrides": [],
+ "indexes": [
+ {
+ "collectionGroup": "submissions",
+ "fields": [
+ {
+ "fieldPath": "formId",
+ "order": "ASCENDING"
+ },
+ {
+ "fieldPath": "createdAt",
+ "order": "DESCENDING"
+ }
+ ],
+ "queryScope": "COLLECTION"
+ }
+ ]
+}
diff --git a/firebase/firestore.rules b/firebase/firestore.rules
new file mode 100644
index 0000000..f1bbc23
--- /dev/null
+++ b/firebase/firestore.rules
@@ -0,0 +1,31 @@
+rules_version = '2';
+service cloud.firestore {
+ match /databases/{database}/documents {
+ match /{document=**} {
+ allow read, write: if false;
+ }
+
+ function isUserOwner(form) {
+ return form.data.owner.type == 'user'
+ && form.data.owner.id == request.auth.uid;
+ }
+
+ match /forms/{formId} {
+ allow read: if isUserOwner(resource);
+
+ allow write: if false;
+ }
+
+ function hasAccessToSubmission(formId) {
+ let form = get(/databases/$(database)/documents/forms/$(formId));
+
+ return isUserOwner(form);
+ }
+
+ match /submissions/{submissionId} {
+ allow read: if hasAccessToSubmission(resource.data.formId);
+
+ allow write: if false;
+ }
+ }
+}
\ No newline at end of file
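Review bot: `isUserOwner` in firebase/firestore.rules dereferences `request.auth.uid` without first checking that the caller is signed in, so an unauthenticated read of `/forms/{formId}` or `/submissions/{submissionId}` is rejected only because the expression fails to evaluate. Stating the condition explicitly keeps the denial from depending on error semantics and is easier to audit: `return request.auth != null && form.data.owner.type == 'user' && form.data.owner.id == request.auth.uid;`. `hasAccessToSubmission` appears to rely on the same effect when `formId` points at a missing form, so a one-line comment such as `// a submission whose form no longer exists is intentionally unreadable` would record that this is deliberate. Since every `allow write` is `if false`, a header comment like `// writes are performed only by a trusted backend; clients are read-only` would document the intent, if that is indeed how documents are created.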