Privacy Policy

Last updated: January 15, 2025 | Version 2.0 | Effective Date: January 1, 2025

1. Information We Collect

We collect information you provide directly to us, information automatically collected through your use of our Service, and information from third-party sources when you authorize us to do so.

1.1 Information You Provide

Account Information:

Full name and email address (required)
Company name and job title (optional)
Password (encrypted with bcrypt, never stored in plain text)
Phone number for two-factor authentication (optional)
Profile photo (optional)

Document Content:

Documents you upload for signing (PDF, DOCX, images)
Electronic signatures you create (drawn, typed, or uploaded)
Signature metadata (timestamp, IP address, device info)
Recipient information (names and email addresses of people you send documents to)
Form field responses and custom fields

Payment Information:

Billing details (name, address) - Stored by Stripe, our payment processor
Last 4 digits of credit card - We do not store full payment card details
Transaction history and invoice records
Tax identification numbers (for business accounts)

Communications:

Support tickets and chat messages
Feedback and survey responses
Email correspondence with our team
Community forum posts and comments

1.2 Automatically Collected Information

Usage Data:

Pages viewed, features used, and time spent on platform
Documents created, sent, and signed
Search queries within the application
Click patterns and navigation paths
Error logs and performance metrics

Device & Browser Information:

IP address and approximate geographic location (city/state level)
Browser type, version, and language settings
Operating system and device type
Screen resolution and device identifiers
Referral source (how you found our site)

Cookies & Similar Technologies:

Essential Cookies: Required for authentication and core functionality
Analytics Cookies: Help us understand usage patterns (opt-out available)
Preference Cookies: Remember your settings and language preferences
Security Cookies: Detect suspicious activity and prevent fraud

1.3 Biometric Signature Data

For fraud prevention and signature verification, we collect biometric characteristics of electronic signatures:

Pressure patterns: Stylus pressure during signing
Velocity analysis: Signing speed and stroke patterns
Timing metrics: Duration and rhythm of signature
Geometric features: Shape, size, and proportions

Note: This data is used solely for fraud detection and signature verification. It is encrypted, never shared with third parties, and you can opt-out of biometric analysis in your privacy settings.

2. How We Use Your Information

We use collected information to:

Provide, maintain, and improve the Service
Process your transactions and send notifications
Respond to your comments and questions
Send you technical notices and support messages
Detect and prevent fraud and abuse
Comply with legal obligations

3. Information Sharing

We share information only with:

Service Providers: Stripe (payments), Supabase (database), Resend (emails)
Document Recipients: People you choose to send documents to
Legal Requirements: When required by law or to protect rights
Business Transfers: In connection with mergers or acquisitions

We never sell your personal information to third parties.

4. Data Security

We implement industry-standard security measures including encryption at rest and in transit, hash-chained audit logs, and regular security assessments. However, no method of transmission over the internet is 100% secure.

5. Your Privacy Rights

You have the right to:

Access: Request a copy of your personal data
Correction: Update or correct inaccurate information
Deletion: Request deletion of your personal data
Opt-Out: Unsubscribe from marketing communications
Data Portability: Receive your data in a portable format

To exercise these rights, visit your account settings or contact privacy@authenlysign.com.

6. California Privacy Rights (CCPA)

California residents have additional rights under the CCPA, including the right to know what personal information we collect, the right to delete personal information, and the right to opt-out of the sale of personal information. We do not sell personal information.

7. GDPR Compliance (EU Users)

For users in the European Union, we comply with GDPR requirements. We process data based on legitimate interests, contractual necessity, and consent. You have the right to lodge a complaint with your local data protection authority.

8. Data Retention

We retain your information for as long as your account is active or as needed to provide services. For compliance purposes, signed documents are retained for 7 years by default. You can adjust retention periods in your workspace settings.

9. Cookies and Tracking

We use cookies and similar technologies to provide functionality, analyze usage, and personalize your experience. You can control cookie preferences through your browser settings.

10. Children's Privacy

AuthenlySign is not intended for users under 18 years of age. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Your continued use after changes constitutes acceptance.

12. Contact Us

For questions about this Privacy Policy or your personal data:
Email: privacy@authenlysign.com
Address: AuthenlySign Inc., 120 19th ST N STE 201 NUM 750307, Birmingham, AL 35203
Data Protection Officer: dpo@authenlysign.com

Your Privacy Matters

Quick Summary