DocSignerHub

Privacy Policy

Last updated: 1 June 2025

1. Introduction

DocSignerHub (“we”, “us”, “our”) is committed to protecting your personal data. This Privacy Policy explains what data we collect, how we use it, and your rights under applicable data protection law, including the EU General Data Protection Regulation (GDPR).

2. Data We Collect

We collect the following categories of personal data:

Account Data

Name, email address, password (hashed), country, registration date.

Document Data

Documents you upload for signing, signed documents, document metadata (title, status, timestamps).

Signer Data

Email address, name, and role of signers you add to envelopes. Signers' IP addresses, user agents, and timestamps are recorded for compliance.

Usage Data

API requests, envelope events, webhook deliveries, and audit log entries.

Payment Data

We do not store payment card data. Billing is handled via email/manual process and recorded as plan metadata only.

3. How We Use Your Data

  • To provide and operate the signing platform
  • To send signing invitation and notification emails to signers
  • To generate audit trails and compliance certificates
  • To process subscription and usage billing
  • To respond to support enquiries
  • To detect and prevent fraud and abuse
  • To comply with legal obligations

4. Legal Basis for Processing

We process your data on the following legal bases: (a) Contractual necessity — to fulfil our service obligations; (b) Legitimate interests — for security, fraud prevention, and product improvement; (c) Legal obligation — to comply with applicable laws; (d) Consent — where you have explicitly opted in to communications.

5. Data Sharing

We do not sell your personal data. We share data only with service providers necessary to operate the platform (email delivery, cloud hosting, database services). All processors are bound by data processing agreements consistent with GDPR requirements.

6. Data Retention

Account data is retained for the life of your account plus 30 days after deletion. Signed documents and audit trails are retained for 7 years to meet typical legal retention requirements unless you request earlier deletion and your jurisdiction permits it.

7. Your Rights

Under GDPR and applicable laws, you have the right to:

  • Access a copy of your personal data
  • Correct inaccurate or incomplete data
  • Request erasure (“right to be forgotten”) subject to legal obligations
  • Object to or restrict processing
  • Data portability — receive your data in a machine-readable format
  • Lodge a complaint with a supervisory authority

To exercise your rights, contact privacy@docsignerhub.com.

8. Security

We implement technical and organisational security measures including TLS 1.3 encryption in transit, AES-256 encryption at rest, HMAC document integrity verification, and access controls. See our Security page for full details.

9. Cookies

We use essential session cookies for authentication. We do not use advertising or tracking cookies. No third-party analytics scripts are loaded without your consent.

10. Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email at least 14 days before they take effect.

11. Contact

For any privacy-related questions, contact us at privacy@docsignerhub.com or via our Contact page.