Security You CanTrust

Your documents contain sensitive information. We protect them with bank-level encryption, verified signer identity, and tamper-proof audit trails — so you can sign with confidence.

View Compliance DetailsContact Us
256-bit
AES Encryption
TLS 1.3
In Transit
ESIGN
Compliant
0
Data Breaches

How We Protect Your Data

Multiple layers of protection keep your documents and data safe at every step

256-bit AES Encryption

All documents are encrypted at rest using AES-256 and protected in transit with TLS 1.3. Your data stays encrypted at every stage.

Identity Verification

Verify signer identity with government ID scanning (OCR), facial recognition, TOTP 2FA, email/SMS OTP, and access codes — more options than most competitors.

Complete Audit Trails

Every signature action is logged with IP address, device info, browser details, geolocation, and timestamps — all included in a tamper-proof signing certificate.

Tamper-Proof Certificates

A digitally sealed Certificate of Completion is generated for every signed document, providing a full chain of evidence for legal validity.

Two-Factor Authentication

Protect your account with TOTP authenticator app support. Add an extra layer of security beyond your password for all account access.

Row-Level Data Isolation

Database-level Row-Level Security (RLS) ensures every user can only access their own documents. No user can ever see or modify another user's data.

Compliance & Legal Standards

Your signatures are legally valid and your data is handled according to recognized standards

ESIGN Act Compliant

Legally binding electronic signatures under US federal law with proper consent capture and audit trails

UETA Compliant

Full compliance with the Uniform Electronic Transactions Act across all US states

GDPR In Progress

Actively working towards full EU data protection compliance — Privacy Policy and Data Processing Agreement already in place

SOC 2 Infrastructure

Our infrastructure runs on independently SOC 2 Type II certified platforms with enterprise-grade security controls

View full compliance documentation

Our Security Practices

Security measures we implement across every layer of the platform

Application Security

  • Strict security headers (HSTS, CSP, X-Frame-Options)
  • Input validation and sanitization on all forms
  • Dependency vulnerability monitoring
  • Code reviews for all changes
  • XSS, SQL injection, and CSRF protection
  • Content Security Policy with strict source rules

Data Protection

  • AES-256 encryption at rest
  • TLS 1.3 encryption in transit
  • Row-Level Security (RLS) in database
  • Automatic daily data backups
  • Secure environment variable management
  • No plain-text storage of sensitive data

Authentication & Access

  • Clerk-powered secure authentication
  • Multi-factor authentication (TOTP)
  • Role-based access controls
  • Secure session management
  • OAuth support (Google, GitHub)
  • Signer identity verification (ID, face, OTP)

Privacy & Compliance

  • Comprehensive Privacy Policy
  • Data Processing Agreement (DPA)
  • Right to data deletion on request
  • Working towards full GDPR compliance
  • ESIGN Act & UETA compliance
  • Fair usage policy with transparent limits

Have Security Questions?

We're happy to discuss your security requirements. Reach out anytime.

Contact UsView Compliance