The security, privacy and availability of your data is our highest priority.
Designed for speed, compliance and scale in partnership with some of the best companies in the world, we are SOC 2 compliant, protect your data and documents with bank-level security, maintain the strictest privacy policy in the industry, and are the only major electronic agreement platform to offer a 99.9% uptime guarantee to every customer regardless of size.
In addition to being GDPR, CCPA, and HIPAA compliant, we do not have the ability to access your data or documents without an explicit code grant from you and do not track you or your signers with cookies for any purpose whatsoever unrelated to the delivery of our service – commitments that no other major agreement platform even comes close to matching.
Your data and documents are encrypted to bank-level security standards using Transport Layer Security (TLS) 1.2+ encryption in transit and Advanced Encryption Standard (AES) 256-bit encryption at rest, stored behind a firewall in independently certified SOC 2 and ISO 27001 data centers, and guarded by continuous security monitoring through Vanta and annual SOC 2 compliance audits.
ESIGN Act and UETA
All signing activity is tracked and documented in a detailed audit trail, legally binding and fully compliant with the Electronic Signatures in Global and National Commerce Act (ESIGN Act) and the Uniform Electronic Transactions Act (UETA).
SOC 2
Our systems and organizational controls are SOC 2 compliant with an initial SOC 2, Type 2 audit in progress and expected to be completed in the second quarter of 2025. Additionally, all documents are stored behind a firewall exclusively at independently certified SOC 2 and ISO 27001 data centers.
PCI DSS
All payment methods and payment transactions are managed end-to-end by Stripe, a leading and fully compliant Payment Card Industry Data Security Standard (PCI DSS) payment processor for internet companies.
GDPR
We follow General Data Protection Regulation (GDPR) guidelines to safeguard the personal information of users in the European Union.
CCPA
We follow California Consumer Privacy Act (CCPA) guidelines to safeguard the personal information of users in California.