Privacy Policy

We collect information you provide directly, information generated when you use our services, and information from third-party sources where applicable.

Account and Business Information: When you create an account or use eSignova, we collect your name, email address, company name, billing information, and account preferences.

Document and Transaction Information: We collect documents you upload, recipient information, signature requests, completion status, and related metadata necessary to facilitate signing workflows.

Verification and Authentication Information: We collect email verification codes, magic link authentication tokens, IP addresses, device identifiers, and timestamp information to secure signer access.

Usage and Technical Information: We automatically collect information about how you interact with eSignova, including access logs, session data, browser type, operating system, referring URLs, and pages viewed.

Payment Information: When you subscribe to a paid plan, payment card information is collected and processed by our third-party payment processor. We do not store full payment card numbers.

We use the information we collect to:

• Provide, operate, and maintain eSignova's e-signature workflows
• Process signature requests and deliver signing invitations to recipients
• Verify signer identity using email verification codes and magic links
• Generate audit trails, completion certificates, and evidence packages
• Process billing and manage subscription accounts
• Send transactional notifications, reminders, and service updates
• Provide customer support and respond to inquiries
• Monitor and analyze service performance, security, and reliability
• Detect, prevent, and respond to fraud, abuse, and security incidents
• Comply with legal obligations and enforce our Terms of Service
• Improve and develop new features and services

If you are located in the European Economic Area (EEA), UK, or Switzerland, we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to provide eSignova services under our Terms of Service
• Legitimate Interests: Processing for service improvement, security, fraud prevention, and business operations
• Legal Obligations: Processing required to comply with applicable laws and regulations
• Consent: Processing based on your explicit consent, where applicable (you may withdraw consent at any time)

We share information in the following circumstances:

• With Recipients: We share documents and signing requests with the recipients you specify to complete signature workflows
• Service Providers: We share information with third-party vendors who provide hosting, payment processing, email delivery, customer support, and analytics services under confidentiality agreements
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity
• Legal Compliance: We may disclose information to comply with legal obligations, court orders, subpoenas, or to protect our rights and safety
• With Your Consent: We may share information with your explicit permission for other purposes

We do not sell your personal information to third parties.

We use cookies and similar tracking technologies to recognize you, remember your preferences, analyze usage, and secure our services. For more details, see our Cookie Policy.

You can control cookies through your browser settings, but disabling certain cookies may affect service functionality.

We retain your information for as long as necessary to provide services, comply with legal obligations, resolve disputes, and enforce our agreements.

• Account Information: Retained while your account is active and for a reasonable period thereafter
• Completed Envelopes: Stored in immutable vault archives to maintain audit trail integrity and legal defensibility
• Audit Logs: Retained for compliance, legal, and security purposes in accordance with industry standards
• Payment Records: Retained as required by tax and financial regulations

You may request account deletion at any time, subject to our legal retention obligations.

We implement technical and organizational security measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These measures include:

• TLS encryption for data in transit
• Encryption at rest for stored documents and sensitive data
• PKI digital sealing for document integrity verification
• Immutable S3 'Lock' bucket archiving for completed envelopes
• Hash-chained audit logs to prevent tampering
• Access controls and authentication mechanisms
• Regular security assessments and monitoring

While we strive to protect your information, no system is completely secure. If you believe your account has been compromised, contact us immediately.

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information, subject to legal retention requirements
• Portability: Request a machine-readable copy of your information
• Objection: Object to certain processing activities
• Restriction: Request restriction of processing in certain circumstances
• Withdrawal of Consent: Where processing is based on consent, you may withdraw it at any time

To exercise these rights, contact us at privacy@esignova.com. We will respond within the timeframes required by applicable law.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to know what personal information we collect, use, disclose, and sell
• Right to request deletion of personal information
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights
• Right to correct inaccurate personal information
• Right to limit use of sensitive personal information

To exercise these rights, contact us at privacy@esignova.com or call 1-800-XXX-XXXX.

eSignova is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

eSignova operates globally. Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have different data protection laws.

When we transfer personal information from the EEA, UK, or Switzerland, we rely on appropriate safeguards such as Standard Contractual Clauses approved by the European Commission.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or through a prominent notice in eSignova. Your continued use of the service after changes take effect constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or our privacy practices, contact us at:

eSignova Privacy Team
Email: privacy@esignova.com
Address: 123 Business Street, Suite 100, San Francisco, CA 94105

For EEA, UK, or Swiss residents with unresolved privacy concerns, you have the right to lodge a complaint with your local data protection authority.