Privacy Policy

Last updated: March 12, 2026

1. Information We Collect

We collect information you provide directly:

  • Account Information: Name, email address, and password when you register.
  • Documents: Files you upload for signing, including their content and metadata.
  • Signatures: Electronic signatures you create and apply to documents.
  • Usage Data: IP addresses, browser type, and actions taken within the platform.
  • Payment Information: Billing details processed securely through Stripe.

2. How We Use Your Information

  • To provide and maintain the document signing service.
  • To create tamper-evident audit trails for signed documents.
  • To send you transactional emails (signing requests, notifications, verifications).
  • To process payments and manage subscriptions.
  • To detect and prevent fraud or security incidents.
  • To improve the Service and develop new features.

3. Data Storage and Security

Documents and data are stored using industry-standard encryption. We use PostgreSQL with TLS encryption in transit, and files are stored in secure cloud storage. Passwords are hashed using bcrypt. API keys are hashed with SHA-256 and only shown once upon creation.

4. Audit Trail

SignSteve maintains a tamper-evident audit trail for each document, recording signing events, IP addresses, timestamps, and user agents. This trail uses cryptographic hash chaining to ensure integrity and cannot be modified after creation.

5. Data Sharing

We do not sell your personal information. We may share data with:

  • Service Providers: Cloud hosting, email delivery, and payment processing partners.
  • Document Recipients: When you send a document for signing, recipients can see your name and email.
  • Legal Requirements: When required by law, court order, or to protect our rights.

6. Data Retention

We retain your account data for as long as your account is active. Completed documents and audit trails are retained for 7 years for legal compliance. You may request deletion of your account and personal data, subject to legal retention requirements.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access and receive a copy of your personal data.
  • Correct inaccurate personal data.
  • Request deletion of your personal data.
  • Object to or restrict processing of your data.
  • Data portability (receive your data in a structured format).

8. Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking cookies. You can manage cookie preferences in your browser settings.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email. Continued use after changes constitutes acceptance.

10. Contact

For privacy inquiries, contact us at privacy@signsteve.com.

See also our Terms of Service and Security pages.