Legality


Electronic signatures are legally binding in many countries worldwide including the USA, Canada, UK, Australia, the European Union, and more. 

SignEasy is an Advanced electronic signature that is required to meet certain specific requirements on the signer’s identity, security, and sanctity of the signed document. The requirements specified under ESIGN are:

  • it is uniquely linked to the signatory;

  • it is capable of identifying the signatory;

  • it is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and

  • it is linked to the data signed there within such a way that any subsequent change in the data is detectable.



Security

SignEasy’s verified email for every user, 2FA(with passcode AND biometric authentication), audit trail & document verification to indicate tampering makes it an Advanced Electronic Signature provider. This covers a significant number of daily business transactions across industries.


SignEasy takes the following steps to ensure that the document is legally binding and authenticated:

  • Email and Password combination required for access to the app so that we can always authenticate the signer (this is also used as the challenge anytime you pass information to and from the app).

  • Signature certificate sent out with signed documents (both self-signed and RS). 

  • The signature certificate includes the signer(s) IP address, as well as the date and time of app access and signature in order to authenticate the signers, later if needed.




Data and Privacy Handling

We realize that security and privacy are important, and we take it very seriously at SignEasy. We work hard to maintain that privacy and security for every user, every time you use SignEasy. Amazon's cloud computing infrastructure is certified by ISO 27001 standards which validate that their data centers are highly secure and utilize state-of-the-art electronic surveillance and multi-factor access control systems. It provides an extremely scalable and reliable platform that enables us to deploy applications and data quickly and securely.


On top of security provided by our software and hardware partners such as Amazon, we enforce additional access control and security policies on our firewalls and the applications running on our EC2 instances.





Frequently asked questions by our customers

 

Do you store my signature?

 

When your signature is added and saved, we do save it on our secure servers. 

Anytime your signature is added to a document and information passes between your app and our servers, we encrypt the information to protect your privacy.

 


 Do you store my client’s signature?

 

We only store one signature per account (the signature selected as your primary signature). If your client enters a signature on a particular document, it will only be saved for that particular instance. We won't store your client’s signature on our end.


 

Do you store my documents on your server?


When you import a document into your SignEasy app, we'll store it on our servers securely. This lets us do 2 things:

  • Synchronize your documents and status across all your devices

  • Maintain original copies of your documents for future use

Anytime your data is communicated between our servers and the app, we encrypt it for your protection. We use data storage through Amazon AWS servers based on the US East Coast (Virginia) with multiple security safeguards in place. You can read more about the AWS service and its security measures at https://aws.amazon.com/security/   

.


How do you protect my information?


SignEasy encrypts information transfers using industry-standard SSL encryption to ensure that your data is safe and secure whenever you import, sign, or finalize a document. We use Amazons AWS service to securely store the information in various data centers, and we maintain backups of all user information for additional security against data loss. We use end-to-end encryption when transferring signature files and documents, and we encrypt data at rest. 


While all data is encrypted, SignEasy offers both a password and a passcode. Data (or files) in motion is encrypted by SSL, an industry-standard technology used by banks, financial institutions, e-commerce sites, and more. Date (of files) at rest (stored in the cloud) are given authorized access by verification of only your account's credentials. In case of technical troubleshooting, authorized personnel from SignEasy's operational team can access the file only after getting written permission from the user by email explicitly.


Can anyone else access my information?


Anytime there is an attempt to access your documents, we authenticate the request with a challenge to verify your username and password. Document contents and titles are masked against any access, and SignEasy will never access your data or documents without express permission. At no point does ownership of your document transfer or do you forfeit ownership of the documents or contents. SignEasy is not responsible for the legality of the document contents, keep your SignEasy login information safe and secret, and no one else will be able to view your documents or information. 


We take your security, privacy, and data very seriously here at SignEasy. If you ever have any concerns, doubts or questions don't hesitate to reach out to us at support@signeasy.com. We'll do everything we can to address your questions. 


The email with the signed document as an attachment is triggered automatically by our system without any human intervention. It's sent to ensure you have a safe copy of the signed document in your email inbox. All the data between your mobile device and our servers are encrypted during transmission. You can read our privacy policy at https://signeasy.com/privacy/ and https://signeasy.com/terms/

.



What happens in the event of an outage?


SignEasy boasts a 99% uptime of service, but we understand that sometimes issues can occur. When issues occur we have a number of safeguards in place:


  • We will notify users through an in-app banner of known issues/server issues that last longer than 4 hours.

  • Support will communicate with users with either a workaround or regular updates on the status of repairs

  • Activity in the app will be suspended and any emails queued for delivery at a later time. 

  • Audit trail emails that are not delivered due to a service outage can be retrieved on request once the outage is resolved. 

  • We use redundant backups to ensure that user information is not lost in the event of a server outage or downtime.