Security

Your documents.
Fort Knox security.

SHA-256 tamper-proof hashes, JWT auth, AWS encrypted storage, full audit trails, GDPR compliance. We take security as seriously as you do.

🔐
SHA-256 Document Hashing
Every finalized signed document receives a SHA-256 tamper-proof hash. Anyone can independently verify the document hasn't been altered using standard tools.
🛡️
JWT Authentication
Access tokens + refresh tokens. Short-lived access tokens (15min). Refresh tokens stored securely. Rate limiting on all auth endpoints.
🔒
Encrypted Storage
All documents stored on AWS S3 with AES-256 server-side encryption. Pre-signed URLs expire in 24 hours. No public document access.
📋
Full Audit Trail
Every event logged: created, sent, viewed, signed, declined, completed. IP address, user agent, and timestamp on every action.
🌍
GDPR Compliant
Data export on request. Right to deletion honored within 30 days. Data residency in EU on request. Privacy policy is human-readable.
🔑
Signer Authentication
Email OTP (6-digit, 15 min expiry) verifies every signer. Optional SMS OTP for higher security. UUID-based single-use signing tokens.
🏛️

Hosted entirely on AWS

PostgreSQL on RDS, files on S3, processing on Lambda, email via SES. Enterprise-grade infrastructure — that's why we can offer $52.99/year pricing without cutting corners on security.